libgo: update to Go1.16rc1

Reviewed-on: https://go-review.googlesource.com/c/gofrontend/+/287493

16 files changed, 390 insertions, 639 deletions

diff --git a/libgo/go/crypto/elliptic/p224.go b/libgo/go/crypto/elliptic/p224.go
index 2ea63f3f0c0..8c760214642 100644
--- a/libgo/go/crypto/elliptic/p224.go
+++ b/libgo/go/crypto/elliptic/p224.go
@@ -386,10 +386,11 @@ func p224Invert(out, in *p224FieldElement) {
 // p224Contract converts a FieldElement to its unique, minimal form.
 //
 // On entry, in[i] < 2**29
-// On exit, in[i] < 2**28
+// On exit, out[i] < 2**28 and out < p
 func p224Contract(out, in *p224FieldElement) {
 	copy(out[:], in[:])
 
+	// First, carry the bits above 28 to the higher limb.
 	for i := 0; i < 7; i++ {
 		out[i+1] += out[i] >> 28
 		out[i] &= bottom28Bits
@@ -397,10 +398,13 @@ func p224Contract(out, in *p224FieldElement) {
 	top := out[7] >> 28
 	out[7] &= bottom28Bits
 
+	// Use the reduction identity to carry the overflow.
+	//
+	//   a + top * 2²²⁴ = a + top * 2⁹⁶ - top
 	out[0] -= top
 	out[3] += top << 12
 
-	// We may just have made out[i] negative. So we carry down. If we made
+	// We may just have made out[0] negative. So we carry down. If we made
 	// out[0] negative then we know that out[3] is sufficiently positive
 	// because we just added to it.
 	for i := 0; i < 3; i++ {
@@ -425,13 +429,12 @@ func p224Contract(out, in *p224FieldElement) {
 	// There are two cases to consider for out[3]:
 	//   1) The first time that we eliminated top, we didn't push out[3] over
 	//      2**28. In this case, the partial carry chain didn't change any values
-	//      and top is zero.
+	//      and top is now zero.
 	//   2) We did push out[3] over 2**28 the first time that we eliminated top.
-	//      The first value of top was in [0..16), therefore, prior to eliminating
-	//      the first top, 0xfff1000 <= out[3] <= 0xfffffff. Therefore, after
-	//      overflowing and being reduced by the second carry chain, out[3] <=
-	//      0xf000. Thus it cannot have overflowed when we eliminated top for the
-	//      second time.
+	//      The first value of top was in [0..2], therefore, after overflowing
+	//      and being reduced by the second carry chain, out[3] <= 2<<12 - 1.
+	// In both cases, out[3] cannot have overflowed when we eliminated top for
+	// the second time.
 
 	// Again, we may just have made out[0] negative, so do the same carry down.
 	// As before, if we made out[0] negative then we know that out[3] is
@@ -470,12 +473,11 @@ func p224Contract(out, in *p224FieldElement) {
 	bottom3NonZero |= bottom3NonZero >> 1
 	bottom3NonZero = uint32(int32(bottom3NonZero<<31) >> 31)
 
-	// Everything depends on the value of out[3].
-	//    If it's > 0xffff000 and top4AllOnes != 0 then the whole value is >= p
-	//    If it's = 0xffff000 and top4AllOnes != 0 and bottom3NonZero != 0,
-	//      then the whole value is >= p
+	// Assuming top4AllOnes != 0, everything depends on the value of out[3].
+	//    If it's > 0xffff000 then the whole value is > p
+	//    If it's = 0xffff000 and bottom3NonZero != 0, then the whole value is >= p
 	//    If it's < 0xffff000, then the whole value is < p
-	n := out[3] - 0xffff000
+	n := 0xffff000 - out[3]
 	out3Equal := n
 	out3Equal |= out3Equal >> 16
 	out3Equal |= out3Equal >> 8
@@ -484,8 +486,8 @@ func p224Contract(out, in *p224FieldElement) {
 	out3Equal |= out3Equal >> 1
 	out3Equal = ^uint32(int32(out3Equal<<31) >> 31)
 
-	// If out[3] > 0xffff000 then n's MSB will be zero.
-	out3GT := ^uint32(int32(n) >> 31)
+	// If out[3] > 0xffff000 then n's MSB will be one.
+	out3GT := uint32(int32(n) >> 31)
 
 	mask := top4AllOnes & ((out3Equal & bottom3NonZero) | out3GT)
 	out[0] -= 1 & mask
@@ -494,6 +496,15 @@ func p224Contract(out, in *p224FieldElement) {
 	out[5] -= 0xfffffff & mask
 	out[6] -= 0xfffffff & mask
 	out[7] -= 0xfffffff & mask
+
+	// Do one final carry down, in case we made out[0] negative. One of
+	// out[0..3] needs to be positive and able to absorb the -1 or the value
+	// would have been < p, and the subtraction wouldn't have happened.
+	for i := 0; i < 3; i++ {
+		mask := uint32(int32(out[i]) >> 31)
+		out[i] += (1 << 28) & mask
+		out[i+1] -= 1 & mask
+	}
 }
 
 // Group element functions.
diff --git a/libgo/go/crypto/elliptic/p224_test.go b/libgo/go/crypto/elliptic/p224_test.go
index 8b4fa0483b6..c3141b6ab4d 100644
--- a/libgo/go/crypto/elliptic/p224_test.go
+++ b/libgo/go/crypto/elliptic/p224_test.go
@@ -6,7 +6,11 @@ package elliptic
 
 import (
 	"math/big"
+	"math/bits"
+	"math/rand"
+	"reflect"
 	"testing"
+	"testing/quick"
 )
 
 var toFromBigTests = []string{
@@ -21,16 +25,16 @@ func p224AlternativeToBig(in *p224FieldElement) *big.Int {
 	ret := new(big.Int)
 	tmp := new(big.Int)
 
-	for i := uint(0); i < 8; i++ {
+	for i := len(in) - 1; i >= 0; i-- {
+		ret.Lsh(ret, 28)
 		tmp.SetInt64(int64(in[i]))
-		tmp.Lsh(tmp, 28*i)
 		ret.Add(ret, tmp)
 	}
-	ret.Mod(ret, p224.P)
+	ret.Mod(ret, P224().Params().P)
 	return ret
 }
 
-func TestToFromBig(t *testing.T) {
+func TestP224ToFromBig(t *testing.T) {
 	for i, test := range toFromBigTests {
 		n, _ := new(big.Int).SetString(test, 16)
 		var x p224FieldElement
@@ -41,7 +45,270 @@ func TestToFromBig(t *testing.T) {
 		}
 		q := p224AlternativeToBig(&x)
 		if n.Cmp(q) != 0 {
-			t.Errorf("#%d: %x != %x (alternative)", i, n, m)
+			t.Errorf("#%d: %x != %x (alternative)", i, n, q)
 		}
 	}
 }
+
+// quickCheckConfig32 will make each quickcheck test run (32 * -quickchecks)
+// times. The default value of -quickchecks is 100.
+var quickCheckConfig32 = &quick.Config{MaxCountScale: 32}
+
+// weirdLimbs can be combined to generate a range of edge-case field elements.
+var weirdLimbs = [...]uint32{
+	0, 1, (1 << 29) - 1,
+	(1 << 12), (1 << 12) - 1,
+	(1 << 28), (1 << 28) - 1,
+}
+
+func generateLimb(rand *rand.Rand) uint32 {
+	const bottom29Bits = 0x1fffffff
+	n := rand.Intn(len(weirdLimbs) + 3)
+	switch n {
+	case len(weirdLimbs):
+		// Random value.
+		return uint32(rand.Int31n(1 << 29))
+	case len(weirdLimbs) + 1:
+		// Sum of two values.
+		k := generateLimb(rand) + generateLimb(rand)
+		return k & bottom29Bits
+	case len(weirdLimbs) + 2:
+		// Difference of two values.
+		k := generateLimb(rand) - generateLimb(rand)
+		return k & bottom29Bits
+	default:
+		return weirdLimbs[n]
+	}
+}
+
+func (p224FieldElement) Generate(rand *rand.Rand, size int) reflect.Value {
+	return reflect.ValueOf(p224FieldElement{
+		generateLimb(rand),
+		generateLimb(rand),
+		generateLimb(rand),
+		generateLimb(rand),
+		generateLimb(rand),
+		generateLimb(rand),
+		generateLimb(rand),
+		generateLimb(rand),
+	})
+}
+
+func isInBounds(x *p224FieldElement) bool {
+	return bits.Len32(x[0]) <= 29 &&
+		bits.Len32(x[1]) <= 29 &&
+		bits.Len32(x[2]) <= 29 &&
+		bits.Len32(x[3]) <= 29 &&
+		bits.Len32(x[4]) <= 29 &&
+		bits.Len32(x[5]) <= 29 &&
+		bits.Len32(x[6]) <= 29 &&
+		bits.Len32(x[7]) <= 29
+}
+
+func TestP224Mul(t *testing.T) {
+	mulMatchesBigInt := func(a, b, out p224FieldElement) bool {
+		var tmp p224LargeFieldElement
+		p224Mul(&out, &a, &b, &tmp)
+
+		exp := new(big.Int).Mul(p224AlternativeToBig(&a), p224AlternativeToBig(&b))
+		exp.Mod(exp, P224().Params().P)
+		got := p224AlternativeToBig(&out)
+		if exp.Cmp(got) != 0 || !isInBounds(&out) {
+			t.Logf("a = %x", a)
+			t.Logf("b = %x", b)
+			t.Logf("p224Mul(a, b) = %x = %v", out, got)
+			t.Logf("a * b = %v", exp)
+			return false
+		}
+
+		return true
+	}
+
+	a := p224FieldElement{0xfffffff, 0xfffffff, 0xf00ffff, 0x20f, 0x0, 0x0, 0x0, 0x0}
+	b := p224FieldElement{1, 0, 0, 0, 0, 0, 0, 0}
+	if !mulMatchesBigInt(a, b, p224FieldElement{}) {
+		t.Fail()
+	}
+
+	if err := quick.Check(mulMatchesBigInt, quickCheckConfig32); err != nil {
+		t.Error(err)
+	}
+}
+
+func TestP224Square(t *testing.T) {
+	squareMatchesBigInt := func(a, out p224FieldElement) bool {
+		var tmp p224LargeFieldElement
+		p224Square(&out, &a, &tmp)
+
+		exp := p224AlternativeToBig(&a)
+		exp.Mul(exp, exp)
+		exp.Mod(exp, P224().Params().P)
+		got := p224AlternativeToBig(&out)
+		if exp.Cmp(got) != 0 || !isInBounds(&out) {
+			t.Logf("a = %x", a)
+			t.Logf("p224Square(a, b) = %x = %v", out, got)
+			t.Logf("a * a = %v", exp)
+			return false
+		}
+
+		return true
+	}
+
+	if err := quick.Check(squareMatchesBigInt, quickCheckConfig32); err != nil {
+		t.Error(err)
+	}
+}
+
+func TestP224Add(t *testing.T) {
+	addMatchesBigInt := func(a, b, out p224FieldElement) bool {
+		p224Add(&out, &a, &b)
+
+		exp := new(big.Int).Add(p224AlternativeToBig(&a), p224AlternativeToBig(&b))
+		exp.Mod(exp, P224().Params().P)
+		got := p224AlternativeToBig(&out)
+		if exp.Cmp(got) != 0 {
+			t.Logf("a = %x", a)
+			t.Logf("b = %x", b)
+			t.Logf("p224Add(a, b) = %x = %v", out, got)
+			t.Logf("a + b = %v", exp)
+			return false
+		}
+
+		return true
+	}
+
+	if err := quick.Check(addMatchesBigInt, quickCheckConfig32); err != nil {
+		t.Error(err)
+	}
+}
+
+func TestP224Reduce(t *testing.T) {
+	reduceMatchesBigInt := func(a p224FieldElement) bool {
+		out := a
+		// TODO: generate higher values for functions like p224Reduce that are
+		// expected to work with higher input bounds.
+		p224Reduce(&out)
+
+		exp := p224AlternativeToBig(&a)
+		got := p224AlternativeToBig(&out)
+		if exp.Cmp(got) != 0 || !isInBounds(&out) {
+			t.Logf("a = %x = %v", a, exp)
+			t.Logf("p224Reduce(a) = %x = %v", out, got)
+			return false
+		}
+
+		return true
+	}
+
+	if err := quick.Check(reduceMatchesBigInt, quickCheckConfig32); err != nil {
+		t.Error(err)
+	}
+}
+
+func TestP224Contract(t *testing.T) {
+	contractMatchesBigInt := func(a, out p224FieldElement) bool {
+		p224Contract(&out, &a)
+
+		exp := p224AlternativeToBig(&a)
+		got := p224AlternativeToBig(&out)
+		if exp.Cmp(got) != 0 {
+			t.Logf("a = %x = %v", a, exp)
+			t.Logf("p224Contract(a) = %x = %v", out, got)
+			return false
+		}
+
+		// Check that out < P.
+		for i := range p224P {
+			k := 8 - i - 1
+			if out[k] > p224P[k] {
+				t.Logf("p224Contract(a) = %x", out)
+				return false
+			}
+			if out[k] < p224P[k] {
+				return true
+			}
+		}
+		t.Logf("p224Contract(a) = %x", out)
+		return false
+	}
+
+	if !contractMatchesBigInt(p224P, p224FieldElement{}) {
+		t.Error("p224Contract(p) is broken")
+	}
+	pMinus1 := p224FieldElement{0, 0, 0, 0xffff000, 0xfffffff, 0xfffffff, 0xfffffff, 0xfffffff}
+	if !contractMatchesBigInt(pMinus1, p224FieldElement{}) {
+		t.Error("p224Contract(p - 1) is broken")
+	}
+	// Check that we can handle input above p, but lowest limb zero.
+	a := p224FieldElement{0, 1, 0, 0xffff000, 0xfffffff, 0xfffffff, 0xfffffff, 0xfffffff}
+	if !contractMatchesBigInt(a, p224FieldElement{}) {
+		t.Error("p224Contract(p + 2²⁸) is broken")
+	}
+	// Check that we can handle input above p, but lowest three limbs zero.
+	b := p224FieldElement{0, 0, 0, 0xffff001, 0xfffffff, 0xfffffff, 0xfffffff, 0xfffffff}
+	if !contractMatchesBigInt(b, p224FieldElement{}) {
+		t.Error("p224Contract(p + 2⁸⁴) is broken")
+	}
+
+	if err := quick.Check(contractMatchesBigInt, quickCheckConfig32); err != nil {
+		t.Error(err)
+	}
+}
+
+func TestP224IsZero(t *testing.T) {
+	if got := p224IsZero(&p224FieldElement{}); got != 1 {
+		t.Errorf("p224IsZero(0) = %d, expected 1", got)
+	}
+	if got := p224IsZero((*p224FieldElement)(&p224P)); got != 1 {
+		t.Errorf("p224IsZero(p) = %d, expected 1", got)
+	}
+	if got := p224IsZero(&p224FieldElement{1}); got != 0 {
+		t.Errorf("p224IsZero(1) = %d, expected 0", got)
+	}
+
+	isZeroMatchesBigInt := func(a p224FieldElement) bool {
+		isZero := p224IsZero(&a)
+
+		big := p224AlternativeToBig(&a)
+		if big.Sign() == 0 && isZero != 1 {
+			return false
+		}
+		if big.Sign() != 0 && isZero != 0 {
+			return false
+		}
+		return true
+	}
+
+	if err := quick.Check(isZeroMatchesBigInt, quickCheckConfig32); err != nil {
+		t.Error(err)
+	}
+}
+
+func TestP224Invert(t *testing.T) {
+	var out p224FieldElement
+
+	p224Invert(&out, &p224FieldElement{})
+	if got := p224IsZero(&out); got != 1 {
+		t.Errorf("p224Invert(0) = %x, expected 0", out)
+	}
+
+	p224Invert(&out, (*p224FieldElement)(&p224P))
+	if got := p224IsZero(&out); got != 1 {
+		t.Errorf("p224Invert(p) = %x, expected 0", out)
+	}
+
+	p224Invert(&out, &p224FieldElement{1})
+	p224Contract(&out, &out)
+	if out != (p224FieldElement{1}) {
+		t.Errorf("p224Invert(1) = %x, expected 1", out)
+	}
+
+	var tmp p224LargeFieldElement
+	a := p224FieldElement{1, 2, 3, 4, 5, 6, 7, 8}
+	p224Invert(&out, &a)
+	p224Mul(&out, &out, &a, &tmp)
+	p224Contract(&out, &out)
+	if out != (p224FieldElement{1}) {
+		t.Errorf("p224Invert(a) * a = %x, expected 1", out)
+	}
+}
diff --git a/libgo/go/crypto/rand/rand_windows.go b/libgo/go/crypto/rand/rand_windows.go
index 8b2c960906a..7379f1489ad 100644
--- a/libgo/go/crypto/rand/rand_windows.go
+++ b/libgo/go/crypto/rand/rand_windows.go
@@ -8,8 +8,8 @@
 package rand
 
 import (
+	"internal/syscall/windows"
 	"os"
-	"syscall"
 )
 
 func init() { Reader = &rngReader{} }
@@ -24,7 +24,7 @@ func (r *rngReader) Read(b []byte) (n int, err error) {
 		return 0, nil
 	}
 
-	err = syscall.RtlGenRandom(&b[0], inputLen)
+	err = windows.RtlGenRandom(b)
 	if err != nil {
 		return 0, os.NewSyscallError("RtlGenRandom", err)
 	}
diff --git a/libgo/go/crypto/tls/common.go b/libgo/go/crypto/tls/common.go
index 5b68742975c..eec6e1ebbd9 100644
--- a/libgo/go/crypto/tls/common.go
+++ b/libgo/go/crypto/tls/common.go
@@ -7,7 +7,6 @@ package tls
 import (
 	"bytes"
 	"container/list"
-	"context"
 	"crypto"
 	"crypto/ecdsa"
 	"crypto/ed25519"
@@ -444,16 +443,6 @@ type ClientHelloInfo struct {
 	// config is embedded by the GetCertificate or GetConfigForClient caller,
 	// for use with SupportsCertificate.
 	config *Config
-
-	// ctx is the context of the handshake that is in progress.
-	ctx context.Context
-}
-
-// Context returns the context of the handshake that is in progress.
-// This context is a child of the context passed to HandshakeContext,
-// if any, and is canceled when the handshake concludes.
-func (c *ClientHelloInfo) Context() context.Context {
-	return c.ctx
 }
 
 // CertificateRequestInfo contains information from a server's
@@ -472,16 +461,6 @@ type CertificateRequestInfo struct {
 
 	// Version is the TLS version that was negotiated for this connection.
 	Version uint16
-
-	// ctx is the context of the handshake that is in progress.
-	ctx context.Context
-}
-
-// Context returns the context of the handshake that is in progress.
-// This context is a child of the context passed to HandshakeContext,
-// if any, and is canceled when the handshake concludes.
-func (c *CertificateRequestInfo) Context() context.Context {
-	return c.ctx
 }
 
 // RenegotiationSupport enumerates the different levels of support for TLS
diff --git a/libgo/go/crypto/tls/conn.go b/libgo/go/crypto/tls/conn.go
index 969f357834c..72ad52c194b 100644
--- a/libgo/go/crypto/tls/conn.go
+++ b/libgo/go/crypto/tls/conn.go
@@ -8,7 +8,6 @@ package tls
 
 import (
 	"bytes"
-	"context"
 	"crypto/cipher"
 	"crypto/subtle"
 	"crypto/x509"
@@ -28,7 +27,7 @@ type Conn struct {
 	// constant
 	conn        net.Conn
 	isClient    bool
-	handshakeFn func(context.Context) error // (*Conn).clientHandshake or serverHandshake
+	handshakeFn func() error // (*Conn).clientHandshake or serverHandshake
 
 	// handshakeStatus is 1 if the connection is currently transferring
 	// application data (i.e. is not currently processing a handshake).
@@ -1191,7 +1190,7 @@ func (c *Conn) handleRenegotiation() error {
 	defer c.handshakeMutex.Unlock()
 
 	atomic.StoreUint32(&c.handshakeStatus, 0)
-	if c.handshakeErr = c.clientHandshake(context.Background()); c.handshakeErr == nil {
+	if c.handshakeErr = c.clientHandshake(); c.handshakeErr == nil {
 		c.handshakes++
 	}
 	return c.handshakeErr
@@ -1374,61 +1373,8 @@ func (c *Conn) closeNotify() error {
 // first Read or Write will call it automatically.
 //
 // For control over canceling or setting a timeout on a handshake, use
-// HandshakeContext or the Dialer's DialContext method instead.
+// the Dialer's DialContext method.
 func (c *Conn) Handshake() error {
-	return c.HandshakeContext(context.Background())
-}
-
-// HandshakeContext runs the client or server handshake
-// protocol if it has not yet been run.
-//
-// The provided Context must be non-nil. If the context is canceled before
-// the handshake is complete, the handshake is interrupted and an error is returned.
-// Once the handshake has completed, cancellation of the context will not affect the
-// connection.
-//
-// Most uses of this package need not call HandshakeContext explicitly: the
-// first Read or Write will call it automatically.
-func (c *Conn) HandshakeContext(ctx context.Context) error {
-	// Delegate to unexported method for named return
-	// without confusing documented signature.
-	return c.handshakeContext(ctx)
-}
-
-func (c *Conn) handshakeContext(ctx context.Context) (ret error) {
-	handshakeCtx, cancel := context.WithCancel(ctx)
-	// Note: defer this before starting the "interrupter" goroutine
-	// so that we can tell the difference between the input being canceled and
-	// this cancellation. In the former case, we need to close the connection.
-	defer cancel()
-
-	// Start the "interrupter" goroutine, if this context might be canceled.
-	// (The background context cannot).
-	//
-	// The interrupter goroutine waits for the input context to be done and
-	// closes the connection if this happens before the function returns.
-	if ctx.Done() != nil {
-		done := make(chan struct{})
-		interruptRes := make(chan error, 1)
-		defer func() {
-			close(done)
-			if ctxErr := <-interruptRes; ctxErr != nil {
-				// Return context error to user.
-				ret = ctxErr
-			}
-		}()
-		go func() {
-			select {
-			case <-handshakeCtx.Done():
-				// Close the connection, discarding the error
-				_ = c.conn.Close()
-				interruptRes <- handshakeCtx.Err()
-			case <-done:
-				interruptRes <- nil
-			}
-		}()
-	}
-
 	c.handshakeMutex.Lock()
 	defer c.handshakeMutex.Unlock()
 
@@ -1442,7 +1388,7 @@ func (c *Conn) handshakeContext(ctx context.Context) (ret error) {
 	c.in.Lock()
 	defer c.in.Unlock()
 
-	c.handshakeErr = c.handshakeFn(handshakeCtx)
+	c.handshakeErr = c.handshakeFn()
 	if c.handshakeErr == nil {
 		c.handshakes++
 	} else {
diff --git a/libgo/go/crypto/tls/handshake_client.go b/libgo/go/crypto/tls/handshake_client.go
index 92e33e71690..e684b21d527 100644
--- a/libgo/go/crypto/tls/handshake_client.go
+++ b/libgo/go/crypto/tls/handshake_client.go
@@ -6,7 +6,6 @@ package tls
 
 import (
 	"bytes"
-	"context"
 	"crypto"
 	"crypto/ecdsa"
 	"crypto/ed25519"
@@ -25,7 +24,6 @@ import (
 
 type clientHandshakeState struct {
 	c            *Conn
-	ctx          context.Context
 	serverHello  *serverHelloMsg
 	hello        *clientHelloMsg
 	suite        *cipherSuite
@@ -136,7 +134,7 @@ func (c *Conn) makeClientHello() (*clientHelloMsg, ecdheParameters, error) {
 	return hello, params, nil
 }
 
-func (c *Conn) clientHandshake(ctx context.Context) (err error) {
+func (c *Conn) clientHandshake() (err error) {
 	if c.config == nil {
 		c.config = defaultConfig()
 	}
@@ -200,7 +198,6 @@ func (c *Conn) clientHandshake(ctx context.Context) (err error) {
 	if c.vers == VersionTLS13 {
 		hs := &clientHandshakeStateTLS13{
 			c:           c,
-			ctx:         ctx,
 			serverHello: serverHello,
 			hello:       hello,
 			ecdheParams: ecdheParams,
@@ -215,7 +212,6 @@ func (c *Conn) clientHandshake(ctx context.Context) (err error) {
 
 	hs := &clientHandshakeState{
 		c:           c,
-		ctx:         ctx,
 		serverHello: serverHello,
 		hello:       hello,
 		session:     session,
@@ -544,7 +540,7 @@ func (hs *clientHandshakeState) doFullHandshake() error {
 		certRequested = true
 		hs.finishedHash.Write(certReq.marshal())
 
-		cri := certificateRequestInfoFromMsg(hs.ctx, c.vers, certReq)
+		cri := certificateRequestInfoFromMsg(c.vers, certReq)
 		if chainToSend, err = c.getClientCertificate(cri); err != nil {
 			c.sendAlert(alertInternalError)
 			return err
@@ -884,11 +880,10 @@ func (c *Conn) verifyServerCertificate(certificates [][]byte) error {
 
 // certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS
 // <= 1.2 CertificateRequest, making an effort to fill in missing information.
-func certificateRequestInfoFromMsg(ctx context.Context, vers uint16, certReq *certificateRequestMsg) *CertificateRequestInfo {
+func certificateRequestInfoFromMsg(vers uint16, certReq *certificateRequestMsg) *CertificateRequestInfo {
 	cri := &CertificateRequestInfo{
 		AcceptableCAs: certReq.certificateAuthorities,
 		Version:       vers,
-		ctx:           ctx,
 	}
 
 	var rsaAvail, ecAvail bool
diff --git a/libgo/go/crypto/tls/handshake_client_test.go b/libgo/go/crypto/tls/handshake_client_test.go
index 8889e2c8c33..12b0254123e 100644
--- a/libgo/go/crypto/tls/handshake_client_test.go
+++ b/libgo/go/crypto/tls/handshake_client_test.go
@@ -6,7 +6,6 @@ package tls
 
 import (
 	"bytes"
-	"context"
 	"crypto/rsa"
 	"crypto/x509"
 	"encoding/base64"
@@ -21,7 +20,6 @@ import (
 	"os/exec"
 	"path/filepath"
 	"reflect"
-	"runtime"
 	"strconv"
 	"strings"
 	"testing"
@@ -2513,37 +2511,3 @@ func testResumptionKeepsOCSPAndSCT(t *testing.T, ver uint16) {
 			serverConfig.Certificates[0].SignedCertificateTimestamps, ccs.SignedCertificateTimestamps)
 	}
 }
-
-func TestClientHandshakeContextCancellation(t *testing.T) {
-	c, s := localPipe(t)
-	serverConfig := testConfig.Clone()
-	serverErr := make(chan error, 1)
-	ctx, cancel := context.WithCancel(context.Background())
-	defer cancel()
-	go func() {
-		defer close(serverErr)
-		defer s.Close()
-		conn := Server(s, serverConfig)
-		_, err := conn.readClientHello(ctx)
-		cancel()
-		serverErr <- err
-	}()
-	cli := Client(c, testConfig)
-	err := cli.HandshakeContext(ctx)
-	if err == nil {
-		t.Fatal("Client handshake did not error when the context was canceled")
-	}
-	if err != context.Canceled {
-		t.Errorf("Unexpected client handshake error: %v", err)
-	}
-	if err := <-serverErr; err != nil {
-		t.Errorf("Unexpected server error: %v", err)
-	}
-	if runtime.GOARCH == "wasm" {
-		t.Skip("conn.Close does not error as expected when called multiple times on WASM")
-	}
-	err = cli.Close()
-	if err == nil {
-		t.Error("Client connection was not closed when the context was canceled")
-	}
-}
diff --git a/libgo/go/crypto/tls/handshake_client_tls13.go b/libgo/go/crypto/tls/handshake_client_tls13.go
index be37c681c6d..daa5d97fd35 100644
--- a/libgo/go/crypto/tls/handshake_client_tls13.go
+++ b/libgo/go/crypto/tls/handshake_client_tls13.go
@@ -6,7 +6,6 @@ package tls
 
 import (
 	"bytes"
-	"context"
 	"crypto"
 	"crypto/hmac"
 	"crypto/rsa"
@@ -18,7 +17,6 @@ import (
 
 type clientHandshakeStateTLS13 struct {
 	c           *Conn
-	ctx         context.Context
 	serverHello *serverHelloMsg
 	hello       *clientHelloMsg
 	ecdheParams ecdheParameters
@@ -557,7 +555,6 @@ func (hs *clientHandshakeStateTLS13) sendClientCertificate() error {
 		AcceptableCAs:    hs.certReq.certificateAuthorities,
 		SignatureSchemes: hs.certReq.supportedSignatureAlgorithms,
 		Version:          c.vers,
-		ctx:              hs.ctx,
 	})
 	if err != nil {
 		return err
diff --git a/libgo/go/crypto/tls/handshake_server.go b/libgo/go/crypto/tls/handshake_server.go
index 5a572a9db10..9c3e0f636ea 100644
--- a/libgo/go/crypto/tls/handshake_server.go
+++ b/libgo/go/crypto/tls/handshake_server.go
@@ -5,7 +5,6 @@
 package tls
 
 import (
-	"context"
 	"crypto"
 	"crypto/ecdsa"
 	"crypto/ed25519"
@@ -24,7 +23,6 @@ import (
 // It's discarded once the handshake has completed.
 type serverHandshakeState struct {
 	c            *Conn
-	ctx          context.Context
 	clientHello  *clientHelloMsg
 	hello        *serverHelloMsg
 	suite        *cipherSuite
@@ -39,8 +37,8 @@ type serverHandshakeState struct {
 }
 
 // serverHandshake performs a TLS handshake as a server.
-func (c *Conn) serverHandshake(ctx context.Context) error {
-	clientHello, err := c.readClientHello(ctx)
+func (c *Conn) serverHandshake() error {
+	clientHello, err := c.readClientHello()
 	if err != nil {
 		return err
 	}
@@ -48,7 +46,6 @@ func (c *Conn) serverHandshake(ctx context.Context) error {
 	if c.vers == VersionTLS13 {
 		hs := serverHandshakeStateTLS13{
 			c:           c,
-			ctx:         ctx,
 			clientHello: clientHello,
 		}
 		return hs.handshake()
@@ -56,7 +53,6 @@ func (c *Conn) serverHandshake(ctx context.Context) error {
 
 	hs := serverHandshakeState{
 		c:           c,
-		ctx:         ctx,
 		clientHello: clientHello,
 	}
 	return hs.handshake()
@@ -128,7 +124,7 @@ func (hs *serverHandshakeState) handshake() error {
 }
 
 // readClientHello reads a ClientHello message and selects the protocol version.
-func (c *Conn) readClientHello(ctx context.Context) (*clientHelloMsg, error) {
+func (c *Conn) readClientHello() (*clientHelloMsg, error) {
 	msg, err := c.readHandshake()
 	if err != nil {
 		return nil, err
@@ -142,7 +138,7 @@ func (c *Conn) readClientHello(ctx context.Context) (*clientHelloMsg, error) {
 	var configForClient *Config
 	originalConfig := c.config
 	if c.config.GetConfigForClient != nil {
-		chi := clientHelloInfo(ctx, c, clientHello)
+		chi := clientHelloInfo(c, clientHello)
 		if configForClient, err = c.config.GetConfigForClient(chi); err != nil {
 			c.sendAlert(alertInternalError)
 			return nil, err
@@ -224,7 +220,7 @@ func (hs *serverHandshakeState) processClientHello() error {
 		}
 	}
 
-	hs.cert, err = c.config.getCertificate(clientHelloInfo(hs.ctx, c, hs.clientHello))
+	hs.cert, err = c.config.getCertificate(clientHelloInfo(c, hs.clientHello))
 	if err != nil {
 		if err == errNoCertificates {
 			c.sendAlert(alertUnrecognizedName)
@@ -832,7 +828,7 @@ func (c *Conn) processCertsFromClient(certificate Certificate) error {
 	return nil
 }
 
-func clientHelloInfo(ctx context.Context, c *Conn, clientHello *clientHelloMsg) *ClientHelloInfo {
+func clientHelloInfo(c *Conn, clientHello *clientHelloMsg) *ClientHelloInfo {
 	supportedVersions := clientHello.supportedVersions
 	if len(clientHello.supportedVersions) == 0 {
 		supportedVersions = supportedVersionsFromMax(clientHello.vers)
@@ -848,6 +844,5 @@ func clientHelloInfo(ctx context.Context, c *Conn, clientHello *clientHelloMsg)
 		SupportedVersions: supportedVersions,
 		Conn:              c.conn,
 		config:            c.config,
-		ctx:               ctx,
 	}
 }
diff --git a/libgo/go/crypto/tls/handshake_server_test.go b/libgo/go/crypto/tls/handshake_server_test.go
index ad851b6edf0..d6bf9e439b0 100644
--- a/libgo/go/crypto/tls/handshake_server_test.go
+++ b/libgo/go/crypto/tls/handshake_server_test.go
@@ -6,7 +6,6 @@ package tls
 
 import (
 	"bytes"
-	"context"
 	"crypto"
 	"crypto/elliptic"
 	"crypto/x509"
@@ -18,7 +17,6 @@ import (
 	"os"
 	"os/exec"
 	"path/filepath"
-	"runtime"
 	"strings"
 	"testing"
 	"time"
@@ -40,12 +38,10 @@ func testClientHelloFailure(t *testing.T, serverConfig *Config, m handshakeMessa
 		cli.writeRecord(recordTypeHandshake, m.marshal())
 		c.Close()
 	}()
-	ctx := context.Background()
 	conn := Server(s, serverConfig)
-	ch, err := conn.readClientHello(ctx)
+	ch, err := conn.readClientHello()
 	hs := serverHandshakeState{
 		c:           conn,
-		ctx:         ctx,
 		clientHello: ch,
 	}
 	if err == nil {
@@ -1425,11 +1421,9 @@ func TestSNIGivenOnFailure(t *testing.T) {
 		c.Close()
 	}()
 	conn := Server(s, serverConfig)
-	ctx := context.Background()
-	ch, err := conn.readClientHello(ctx)
+	ch, err := conn.readClientHello()
 	hs := serverHandshakeState{
 		c:           conn,
-		ctx:         ctx,
 		clientHello: ch,
 	}
 	if err == nil {
@@ -1683,46 +1677,6 @@ func TestMultipleCertificates(t *testing.T) {
 	}
 }
 
-func TestServerHandshakeContextCancellation(t *testing.T) {
-	c, s := localPipe(t)
-	clientConfig := testConfig.Clone()
-	clientErr := make(chan error, 1)
-	ctx, cancel := context.WithCancel(context.Background())
-	defer cancel()
-	go func() {
-		defer close(clientErr)
-		defer c.Close()
-		clientHello := &clientHelloMsg{
-			vers:               VersionTLS10,
-			random:             make([]byte, 32),
-			cipherSuites:       []uint16{TLS_RSA_WITH_RC4_128_SHA},
-			compressionMethods: []uint8{compressionNone},
-		}
-		cli := Client(c, clientConfig)
-		_, err := cli.writeRecord(recordTypeHandshake, clientHello.marshal())
-		cancel()
-		clientErr <- err
-	}()
-	conn := Server(s, testConfig)
-	err := conn.HandshakeContext(ctx)
-	if err == nil {
-		t.Fatal("Server handshake did not error when the context was canceled")
-	}
-	if err != context.Canceled {
-		t.Errorf("Unexpected server handshake error: %v", err)
-	}
-	if err := <-clientErr; err != nil {
-		t.Errorf("Unexpected client error: %v", err)
-	}
-	if runtime.GOARCH == "wasm" {
-		t.Skip("conn.Close does not error as expected when called multiple times on WASM")
-	}
-	err = conn.Close()
-	if err == nil {
-		t.Error("Server connection was not closed when the context was canceled")
-	}
-}
-
 func TestAESCipherReordering(t *testing.T) {
 	currentAESSupport := hasAESGCMHardwareSupport
 	defer func() { hasAESGCMHardwareSupport = currentAESSupport; initDefaultCipherSuites() }()
diff --git a/libgo/go/crypto/tls/handshake_server_tls13.go b/libgo/go/crypto/tls/handshake_server_tls13.go
index c7837d2955d..c2c288aed43 100644
--- a/libgo/go/crypto/tls/handshake_server_tls13.go
+++ b/libgo/go/crypto/tls/handshake_server_tls13.go
@@ -6,7 +6,6 @@ package tls
 
 import (
 	"bytes"
-	"context"
 	"crypto"
 	"crypto/hmac"
 	"crypto/rsa"
@@ -24,7 +23,6 @@ const maxClientPSKIdentities = 5
 
 type serverHandshakeStateTLS13 struct {
 	c               *Conn
-	ctx             context.Context
 	clientHello     *clientHelloMsg
 	hello           *serverHelloMsg
 	sentDummyCCS    bool
@@ -376,7 +374,7 @@ func (hs *serverHandshakeStateTLS13) pickCertificate() error {
 		return c.sendAlert(alertMissingExtension)
 	}
 
-	certificate, err := c.config.getCertificate(clientHelloInfo(hs.ctx, c, hs.clientHello))
+	certificate, err := c.config.getCertificate(clientHelloInfo(c, hs.clientHello))
 	if err != nil {
 		if err == errNoCertificates {
 			c.sendAlert(alertUnrecognizedName)
diff --git a/libgo/go/crypto/tls/tls.go b/libgo/go/crypto/tls/tls.go
index 19884f96e7d..a389873d32e 100644
--- a/libgo/go/crypto/tls/tls.go
+++ b/libgo/go/crypto/tls/tls.go
@@ -25,6 +25,7 @@ import (
 	"net"
 	"os"
 	"strings"
+	"time"
 )
 
 // Server returns a new TLS server side connection
@@ -115,16 +116,28 @@ func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config) (*
 }
 
 func dial(ctx context.Context, netDialer *net.Dialer, network, addr string, config *Config) (*Conn, error) {
-	if netDialer.Timeout != 0 {
-		var cancel context.CancelFunc
-		ctx, cancel = context.WithTimeout(ctx, netDialer.Timeout)
-		defer cancel()
-	}
+	// We want the Timeout and Deadline values from dialer to cover the
+	// whole process: TCP connection and TLS handshake. This means that we
+	// also need to start our own timers now.
+	timeout := netDialer.Timeout
 
 	if !netDialer.Deadline.IsZero() {
-		var cancel context.CancelFunc
-		ctx, cancel = context.WithDeadline(ctx, netDialer.Deadline)
-		defer cancel()
+		deadlineTimeout := time.Until(netDialer.Deadline)
+		if timeout == 0 || deadlineTimeout < timeout {
+			timeout = deadlineTimeout
+		}
+	}
+
+	// hsErrCh is non-nil if we might not wait for Handshake to complete.
+	var hsErrCh chan error
+	if timeout != 0 || ctx.Done() != nil {
+		hsErrCh = make(chan error, 2)
+	}
+	if timeout != 0 {
+		timer := time.AfterFunc(timeout, func() {
+			hsErrCh <- timeoutError{}
+		})
+		defer timer.Stop()
 	}
 
 	rawConn, err := netDialer.DialContext(ctx, network, addr)
@@ -151,10 +164,34 @@ func dial(ctx context.Context, netDialer *net.Dialer, network, addr string, conf
 	}
 
 	conn := Client(rawConn, config)
-	if err := conn.HandshakeContext(ctx); err != nil {
+
+	if hsErrCh == nil {
+		err = conn.Handshake()
+	} else {
+		go func() {
+			hsErrCh <- conn.Handshake()
+		}()
+
+		select {
+		case <-ctx.Done():
+			err = ctx.Err()
+		case err = <-hsErrCh:
+			if err != nil {
+				// If the error was due to the context
+				// closing, prefer the context's error, rather
+				// than some random network teardown error.
+				if e := ctx.Err(); e != nil {
+					err = e
+				}
+			}
+		}
+	}
+
+	if err != nil {
 		rawConn.Close()
 		return nil, err
 	}
+
 	return conn, nil
 }
 
diff --git a/libgo/go/crypto/x509/root.go b/libgo/go/crypto/x509/root.go
index ac92915128d..cc53f7aefca 100644
--- a/libgo/go/crypto/x509/root.go
+++ b/libgo/go/crypto/x509/root.go
@@ -4,7 +4,11 @@
 
 package x509
 
-//go:generate go run root_ios_gen.go -version 55161.140.3
+// To update the embedded iOS root store, update the -version
+// argument to the latest security_certificates version from
+// https://opensource.apple.com/source/security_certificates/
+// and run "go generate". See https://golang.org/issue/38843.
+//go:generate go run root_ios_gen.go -version 55188.40.9
 
 import "sync"
 
diff --git a/libgo/go/crypto/x509/root_ios.go b/libgo/go/crypto/x509/root_ios.go
index cb3529d6d53..d2dfb62b77c 100644
--- a/libgo/go/crypto/x509/root_ios.go
+++ b/libgo/go/crypto/x509/root_ios.go
@@ -1,4 +1,4 @@
-// Code generated by root_ios_gen.go -version 55161.140.3; DO NOT EDIT.
+// Code generated by root_ios_gen.go -version 55188.40.9; DO NOT EDIT.
 // Update the version in root.go and regenerate with "go generate".
 
 // +build ios
@@ -116,61 +116,6 @@ ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
 LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
 LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
 -----END CERTIFICATE-----
-# "AddTrust Class 1 CA Root"
-# 8C 72 09 27 9A C0 4E 27 5E 16 D0 7F D3 B7 75 E8
-# 01 54 B5 96 80 46 E3 1F 52 DD 25 76 63 24 E9 A7
------BEGIN CERTIFICATE-----
-MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw
-MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
-QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD
-VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul
-CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n
-tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl
-dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch
-PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC
-+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O
-BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
-BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl
-MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk
-ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB
-IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
-7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz
-43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
-eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
-pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
-WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
------END CERTIFICATE-----
-# "AddTrust External CA Root"
-# 68 7F A4 51 38 22 78 FF F0 C8 B1 1F 8D 43 D5 76
-# 67 1C 6E B2 BC EA B4 13 FB 83 D9 65 D0 6D 2F F2
------BEGIN CERTIFICATE-----
-MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
-IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
-MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
-FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
-bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
-dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
-H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
-uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
-mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
-a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
-E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
-WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
-VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
-Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
-cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
-IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
-AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
-YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
-6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
-Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
-c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
-mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
------END CERTIFICATE-----
 # "Admin-Root-CA"
 # A3 1F 09 30 53 BD 12 C1 F5 C3 C6 EF D4 98 02 3F
 # D2 91 4D 77 58 D0 5D 69 8C E0 84 B5 06 26 E0 E5
@@ -1249,31 +1194,6 @@ Bvt9YAretIpjsJyp8qS5UwGH0GikJ3+r/+n6yUA4iGe0OcaEb1fJU9u6ju7AQ7L4
 CYNu/2bPPu8Xs1gYJQk0XuPL1hS27PKSb3TkL4Eq1ZKR4OCXPDJoBYVL0fdX4lId
 kxpUnwVwwEpxYB5DC2Ae/qPOgRnhCzU=
 -----END CERTIFICATE-----
-# "Class 2 Primary CA"
-# 0F 99 3C 8A EF 97 BA AF 56 87 14 0E D5 9A D1 82
-# 1B B4 AF AC F0 AA 9A 58 B5 D5 7A 33 8A 3A FB CB
------BEGIN CERTIFICATE-----
-MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
-PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
-cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9
-MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz
-IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ
-ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR
-VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL
-kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd
-EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas
-H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0
-HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud
-DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4
-QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu
-Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/
-AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8
-yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR
-FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA
-ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
-kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
-l7+ijrRU
------END CERTIFICATE-----
 # "COMODO Certification Authority"
 # 0C 2C D6 3D F7 80 6F A3 99 ED E8 09 11 6B 57 5B
 # F8 79 89 F0 65 18 F9 80 8C 86 05 03 17 8B AF 66
@@ -1529,31 +1449,6 @@ CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na
 xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX
 KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1
 -----END CERTIFICATE-----
-# "Deutsche Telekom Root CA 2"
-# B6 19 1A 50 D0 C3 97 7F 7D A9 9B CD AA C8 6A 22
-# 7D AE B9 67 9E C7 0B A3 B0 C9 D9 22 71 C1 70 D3
------BEGIN CERTIFICATE-----
-MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
-MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
-IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB
-IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE
-RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl
-U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290
-IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU
-ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC
-QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr
-rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S
-NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc
-QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH
-txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP
-BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp
-tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa
-IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
-6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+
-xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
-Cm26OWMohpLzGITY+9HPBVZkVw==
------END CERTIFICATE-----
 # "Developer ID Certification Authority"
 # 7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68
 # 09 0D 2D E1 8D 03 F2 9C 88 CF B0 B1 BA 63 58 7F
@@ -1801,29 +1696,6 @@ R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
 Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
 -----END CERTIFICATE-----
-# "DST Root CA X4"
-# 9A 73 92 9A 50 0F 1A 0B F4 9D CB 04 6E 80 39 16
-# 96 96 55 73 45 E9 F8 13 F1 0F F9 38 0D B2 26 95
------BEGIN CERTIFICATE-----
-MIIDOzCCAiOgAwIBAgIRANAeRlAAACmMAAAAAgAAAAIwDQYJKoZIhvcNAQEFBQAw
-PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
-Ew5EU1QgUm9vdCBDQSBYNDAeFw0wMDA5MTMwNjIyNTBaFw0yMDA5MTMwNjIyNTBa
-MD8xJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjEXMBUGA1UE
-AxMORFNUIFJvb3QgQ0EgWDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCthX3OFEYY8gSeIYur0O4ypOT68HnDrjLfIutL5PZHRwQGjzCPb9PFo/ihboJ8
-RvfGhBAqpQCo47zwYEhpWm1jB+L/OE/dBBiyn98krfU2NiBKSom2J58RBeAwHGEy
-cO+lewyjVvbDDLUy4CheY059vfMjPAftCRXjqSZIolQb9FdPcAoa90mFwB7rKniE
-J7vppdrUScSS0+eBrHSUPLdvwyn4RGp+lSwbWYcbg5EpSpE0GRJdchic0YDjvIoC
-YHpe7Rkj93PYRTQyU4bhC88ck8tMqbvRYqMRqR+vobbkrj5LLCOQCHV5WEoxWh+0
-E2SpIFe7RkV++MmpIAc0h1tZAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFPCD6nPIP1ubWzdf9UyPWvf0hki9MA0GCSqGSIb3DQEBBQUAA4IBAQCE
-G85wl5eEWd7adH6XW/ikGN5salvpq/Fix6yVTzE6CrhlP5LBdkf6kx1bSPL18M45
-g0rw2zA/MWOhJ3+S6U+BE0zPGCuu8YQaZibR7snm3HiHUaZNMu5c8D0x0bcMxDjY
-AVVcHCoNiL53Q4PLW27nbY6wwG0ffFKmgV3blxrYWfuUDgGpyPwHwkfVFvz9qjaV
-mf12VJffL6W8omBPtgteb6UaT/k1oJ7YI0ldGf+ngpVbRhD+LC3cUtT6GO/BEPZu
-8YTV/hbiDH5v3khVqMIeKT6o8IuXGG7F6a6vKwP1F1FwTXf4UC/ivhme7vdUH7B/
-Vv4AEbT8dNfEeFxrkDbh
------END CERTIFICATE-----
 # "E-Tugra Certification Authority"
 # B0 BF D5 2B B0 D7 D9 BD 92 BF 5D 4D C1 3D A2 55
 # C0 2C 54 2F 37 83 65 EA 89 39 11 F5 5E 55 F2 3C
@@ -2671,39 +2543,6 @@ EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
 fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
 AmvZWg==
 -----END CERTIFICATE-----
-# "I.CA - Qualified Certification Authority, 09/2009"
-# C0 C0 5A 8D 8D A5 5E AF 27 AA 9B 91 0B 0A 6E F0
-# D8 BB DE D3 46 92 8D B8 72 E1 82 C2 07 3E 98 02
------BEGIN CERTIFICATE-----
-MIIFHjCCBAagAwIBAgIEAKA3oDANBgkqhkiG9w0BAQsFADCBtzELMAkGA1UEBhMC
-Q1oxOjA4BgNVBAMMMUkuQ0EgLSBRdWFsaWZpZWQgQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHksIDA5LzIwMDkxLTArBgNVBAoMJFBydm7DrSBjZXJ0aWZpa2HEjW7DrSBh
-dXRvcml0YSwgYS5zLjE9MDsGA1UECww0SS5DQSAtIEFjY3JlZGl0ZWQgUHJvdmlk
-ZXIgb2YgQ2VydGlmaWNhdGlvbiBTZXJ2aWNlczAeFw0wOTA5MDEwMDAwMDBaFw0x
-OTA5MDEwMDAwMDBaMIG3MQswCQYDVQQGEwJDWjE6MDgGA1UEAwwxSS5DQSAtIFF1
-YWxpZmllZCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSwgMDkvMjAwOTEtMCsGA1UE
-CgwkUHJ2bsOtIGNlcnRpZmlrYcSNbsOtIGF1dG9yaXRhLCBhLnMuMT0wOwYDVQQL
-DDRJLkNBIC0gQWNjcmVkaXRlZCBQcm92aWRlciBvZiBDZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTaEy0KC8M9l
-4lSaWHMs4+sVV1LwzyJYiIQNeCrv1HHm/YpGIdY/Z640ceankjQvIX7m23BK4OSC
-6KO8kZYA3zopOz6GFCOKV2PvLukbc+c2imF6kLHEv6qNA8WxhPbR3xKwlHDwB2yh
-Wzo7V3QVgDRG83sugqQntKYC3LnlTGbJpNP+Az72gpO9AHUn/IBhFk4ksc8lYS2L
-9GCy9CsmdKSBP78p9w8Lx7vDLqkDgt1/zBrcUWmSSb7AE/BPEeMryQV1IdI6nlGn
-BhWkXOYf6GSdayJw86btuxC7viDKNrbp44HjQRaSxnp6O3eto1x4DfiYdw/YbJFe
-7EjkxSQBywIDAQABo4IBLjCCASowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
-BAMCAQYwgecGA1UdIASB3zCB3DCB2QYEVR0gADCB0DCBzQYIKwYBBQUHAgIwgcAa
-gb1UZW50byBjZXJ0aWZpa2F0IGplIHZ5ZGFuIGpha28ga3ZhbGlmaWtvdmFueSBz
-eXN0ZW1vdnkgY2VydGlmaWthdCBwb2RsZSB6YWtvbmEgYy4gMjI3LzIwMDAgU2Iu
-IHYgcGxhdG5lbSB6bmVuaS9UaGlzIGlzIHF1YWxpZmllZCBzeXN0ZW0gY2VydGlm
-aWNhdGUgYWNjb3JkaW5nIHRvIEN6ZWNoIEFjdCBOby4gMjI3LzIwMDAgQ29sbC4w
-HQYDVR0OBBYEFHnL0CPpOmdwkXRP01Hi4CD94Sj7MA0GCSqGSIb3DQEBCwUAA4IB
-AQB9laU214hYaBHPZftbDS/2dIGLWdmdSbj1OZbJ8LIPBMxYjPoEMqzAR74tw96T
-i6aWRa5WdOWaS6I/qibEKFZhJAVXX5mkx2ewGFLJ+0Go+eTxnjLOnhVF2V2s+57b
-m8c8j6/bS6Ij6DspcHEYpfjjh64hE2r0aSpZDjGzKFM6YpqsCJN8qYe2X1qmGMLQ
-wvNdjG+nPzCJOOuUEypIWt555ZDLXqS5F7ZjBjlfyDZjEfS2Es9Idok8alf563Mi
-9/o+Ba46wMYOkk3P1IlU0RqCajdbliioACKDztAqubONU1guZVzV8tuMASVzbJeL
-/GAB7ECTwe1RuKrLYtglMKI9
------END CERTIFICATE-----
 # "IdenTrust Commercial Root CA 1"
 # 5D 56 49 9B E4 D2 E0 8B CF CA D0 8A 3E 38 72 3D
 # 50 50 3B DE 70 69 48 E4 2F 55 60 30 19 E5 28 AE
@@ -4722,123 +4561,6 @@ VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
 L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
 jjxDah2nGN59PRbxYvnKkKj9
 -----END CERTIFICATE-----
-# "UTN - DATACorp SGC"
-# 85 FB 2F 91 DD 12 27 5A 01 45 B6 36 53 4F 84 02
-# 4A D6 8B 69 B8 EE 88 68 4F F7 11 37 58 05 B3 48
------BEGIN CERTIFICATE-----
-MIIEXjCCA0agAwIBAgIQRL4Mi1AAIbQR0ypoBqmtaTANBgkqhkiG9w0BAQUFADCB
-kzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xGzAZBgNVBAMTElVUTiAtIERBVEFDb3Jw
-IFNHQzAeFw05OTA2MjQxODU3MjFaFw0xOTA2MjQxOTA2MzBaMIGTMQswCQYDVQQG
-EwJVUzELMAkGA1UECBMCVVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYD
-VQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cu
-dXNlcnRydXN0LmNvbTEbMBkGA1UEAxMSVVROIC0gREFUQUNvcnAgU0dDMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+5YEKIrblXEjr8uRgnn4AgPLit6
-E5Qbvfa2gI5lBZMAHryv4g+OGQ0SR+ysraP6LnD43m77VkIVni5c7yPeIbkFdicZ
-D0/Ww5y0vpQZY/KmEQrrU0icvvIpOxboGqBMpsn0GFlowHDyUwDAXlCCpVZvNvlK
-4ESGoE1O1kduSUrLZ9emxAW5jh70/P/N5zbgnAVssjMiFdC04MwXwLLA9P4yPykq
-lXvY8qdOD1R8oQ2AswkDwf9c3V6aPryuvEeKaq5xyh+xKrhfQgUL7EYw0XILyulW
-bfXv33i+Ybqypa4ETLyorGkVl73v67SMvzX41MPRKA5cOp9wGDMgd8SirwIDAQAB
-o4GrMIGoMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRT
-MtGzz3/64PGgXYVOktKeRR20TzA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3Js
-LnVzZXJ0cnVzdC5jb20vVVROLURBVEFDb3JwU0dDLmNybDAqBgNVHSUEIzAhBggr
-BgEFBQcDAQYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMA0GCSqGSIb3DQEBBQUAA4IB
-AQAnNZcAiosovcYzMB4p/OL31ZjUQLtgyr+rFywJNn9Q+kHcrpY6CiM+iVnJowft
-Gzet/Hy+UUla3joKVAgWRcKZsYfNjGjgaQPpxE6YsjuMFrMOoAyYUJuTqXAJyCyj
-j98C5OBxOvG0I3KgqgHf35g+FFCgMSa9KOlaMCZ1+XtgHI3zzVAmbQQnmt/VDUVH
-KWss5nbZqSl9Mt3JNjy9rjXxEZ4du5A/EkdOjtd+D2JzHVImOBwYSf0wdJrE5SIv
-2MCN7ZF6TACPcn9d2t0bi0Vr591pl6jFVkwPDPafepE39peC4N1xaf92P2BNPM/3
-mfnGV/TJVTl4uix5yaaIK/QI
------END CERTIFICATE-----
-# "UTN-USERFirst-Client Authentication and Email"
-# 43 F2 57 41 2D 44 0D 62 74 76 97 4F 87 7D A8 F1
-# FC 24 44 56 5A 36 7A E6 0E DD C2 7A 41 25 31 AE
------BEGIN CERTIFICATE-----
-MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB
-rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt
-Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa
-Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV
-BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l
-dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE
-AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B
-YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9
-hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l
-L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm
-SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM
-1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws
-6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
-DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw
-Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50
-aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
-AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u
-7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0
-xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ
-rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim
-eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk
-USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ=
------END CERTIFICATE-----
-# "UTN-USERFirst-Hardware"
-# 6E A5 47 41 D0 04 66 7E ED 1B 48 16 63 4A A3 A7
-# 9E 6E 4B 96 95 0F 82 79 DA FC 8D 9B D8 81 21 37
------BEGIN CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
-A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
-MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
-d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
-cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
-0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
-M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
-MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
-oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
-DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
-oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
-dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
-bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
-BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
-CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
-CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
-3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
-KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
------END CERTIFICATE-----
-# "UTN-USERFirst-Object"
-# 6F FF 78 E4 00 A7 0C 11 01 1C D8 59 77 C4 59 FB
-# 5A F9 6A 3D F0 54 08 20 D0 F4 B8 60 78 75 E5 8F
------BEGIN CERTIFICATE-----
-MIIEZjCCA06gAwIBAgIQRL4Mi1AAJLQR0zYt4LNfGzANBgkqhkiG9w0BAQUFADCB
-lTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3Qt
-T2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAzNlowgZUxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAc
-BgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3
-dy51c2VydHJ1c3QuY29tMR0wGwYDVQQDExRVVE4tVVNFUkZpcnN0LU9iamVjdDCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6qgT+jo2F4qjEAVZURnicP
-HxzfOpuCaDDASmEd8S8O+r5596Uj71VRloTN2+O5bj4x2AogZ8f02b+U60cEPgLO
-KqJdhwQJ9jCdGIqXsqoc/EHSoTbL+z2RuufZcDX65OeQw5ujm9M89RKZd7G3CeBo
-5hy485RjiGpq/gt2yb70IuRnuasaXnfBhQfdDWy/7gbHd2pBnqcP1/vulBe3/IW+
-pKvEHDHd17bR5PDv3xaPslKT16HUiaEHLr/hARJCHhrh2JU022R5KP+6LhHC5ehb
-kkj7RwvCbNqtMoNB86XlQXD9ZZBt+vpRxPm9lisZBCzTbafc8H9vg2XiaquHhnUC
-AwEAAaOBrzCBrDALBgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQU2u1kdBScFDyr3ZmpvVsoTYs8ydgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
-L2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VSRmlyc3QtT2JqZWN0LmNybDApBgNV
-HSUEIjAgBggrBgEFBQcDAwYIKwYBBQUHAwgGCisGAQQBgjcKAwQwDQYJKoZIhvcN
-AQEFBQADggEBAAgfUrE3RHjb/c652pWWmKpVZIC1WkDdIaXFwfNfLEzIR1pp6ujw
-NTX00CXzyKakh0q9G7FzCL3Uw8q2NbtZhncxzaeAFK4T7/yxSPlrJSUtUbYsbUXB
-mMiKVl0+7kNOPmsnjtA6S4ULX9Ptaqd1y9Fahy85dRNacrACgZ++8A+EVCBibGnU
-4U3GDZlDAQ0Slox4nb9QorFEqmrPF3rPbw/U+CRVX/A0FklmPlBGyWNxODFiuGK5
-81OtbLUrohKqGU8J2l7nk8aOFAj+8DCAGKCGhU3IfdeLA/5u1fedFqySLKAj5ZyR
-Uh+U3xeUc8OzwcFxBSAAeL0TUh2oPs0AH8g=
------END CERTIFICATE-----
 # "VeriSign Class 1 Public Primary Certification Authority - G3"
 # CB B5 AF 18 5E 94 2A 24 02 F9 EA CB C0 ED 5B B8
 # 76 EE A3 C1 22 36 23 D0 04 47 E4 F3 BA 55 4B 65
diff --git a/libgo/go/crypto/x509/x509.go b/libgo/go/crypto/x509/x509.go
index 60dfac741b8..8c0299b11e9 100644
--- a/libgo/go/crypto/x509/x509.go
+++ b/libgo/go/crypto/x509/x509.go
@@ -1997,49 +1997,6 @@ func buildCSRExtensions(template *CertificateRequest) ([]pkix.Extension, error)
 		})
 	}
 
-	if template.KeyUsage != 0 &&
-		!oidInExtensions(oidExtensionKeyUsage, template.ExtraExtensions) {
-		ext, err := marshalKeyUsage(template.KeyUsage)
-		if err != nil {
-			return nil, err
-		}
-		ret = append(ret, ext)
-	}
-
-	if (len(template.ExtKeyUsage) > 0 || len(template.UnknownExtKeyUsage) > 0) &&
-		!oidInExtensions(oidExtensionExtendedKeyUsage, template.ExtraExtensions) {
-		ext, err := marshalExtKeyUsage(template.ExtKeyUsage, template.UnknownExtKeyUsage)
-		if err != nil {
-			return nil, err
-		}
-		ret = append(ret, ext)
-	}
-
-	if template.BasicConstraintsValid && !oidInExtensions(oidExtensionBasicConstraints, template.ExtraExtensions) {
-		ext, err := marshalBasicConstraints(template.IsCA, template.MaxPathLen, template.MaxPathLenZero)
-		if err != nil {
-			return nil, err
-		}
-		ret = append(ret, ext)
-	}
-
-	if len(template.SubjectKeyId) > 0 && !oidInExtensions(oidExtensionSubjectKeyId, template.ExtraExtensions) {
-		skidBytes, err := asn1.Marshal(template.SubjectKeyId)
-		if err != nil {
-			return nil, err
-		}
-		ret = append(ret, pkix.Extension{Id: oidExtensionSubjectKeyId, Value: skidBytes})
-	}
-
-	if len(template.PolicyIdentifiers) > 0 &&
-		!oidInExtensions(oidExtensionCertificatePolicies, template.ExtraExtensions) {
-		ext, err := marshalCertificatePolicies(template.PolicyIdentifiers)
-		if err != nil {
-			return nil, err
-		}
-		ret = append(ret, ext)
-	}
-
 	return append(ret, template.ExtraExtensions...), nil
 }
 
@@ -2405,7 +2362,6 @@ type CertificateRequest struct {
 	Version            int
 	Signature          []byte
 	SignatureAlgorithm SignatureAlgorithm
-	KeyUsage           KeyUsage
 
 	PublicKeyAlgorithm PublicKeyAlgorithm
 	PublicKey          interface{}
@@ -2438,37 +2394,6 @@ type CertificateRequest struct {
 	EmailAddresses []string
 	IPAddresses    []net.IP
 	URIs           []*url.URL
-
-	ExtKeyUsage        []ExtKeyUsage           // Sequence of extended key usages.
-	UnknownExtKeyUsage []asn1.ObjectIdentifier // Encountered extended key usages unknown to this package.
-
-	// BasicConstraintsValid indicates whether IsCA, MaxPathLen,
-	// and MaxPathLenZero are valid.
-	BasicConstraintsValid bool
-	IsCA                  bool
-
-	// MaxPathLen and MaxPathLenZero indicate the presence and
-	// value of the BasicConstraints' "pathLenConstraint".
-	//
-	// When parsing a certificate, a positive non-zero MaxPathLen
-	// means that the field was specified, -1 means it was unset,
-	// and MaxPathLenZero being true mean that the field was
-	// explicitly set to zero. The case of MaxPathLen==0 with MaxPathLenZero==false
-	// should be treated equivalent to -1 (unset).
-	//
-	// When generating a certificate, an unset pathLenConstraint
-	// can be requested with either MaxPathLen == -1 or using the
-	// zero value for both MaxPathLen and MaxPathLenZero.
-	MaxPathLen int
-	// MaxPathLenZero indicates that BasicConstraintsValid==true
-	// and MaxPathLen==0 should be interpreted as an actual
-	// maximum path length of zero. Otherwise, that combination is
-	// interpreted as MaxPathLen not being set.
-	MaxPathLenZero bool
-
-	SubjectKeyId []byte
-
-	PolicyIdentifiers []asn1.ObjectIdentifier
 }
 
 // These structures reflect the ASN.1 structure of X.509 certificate
@@ -2566,15 +2491,6 @@ func parseCSRExtensions(rawAttributes []asn1.RawValue) ([]pkix.Extension, error)
 //  - EmailAddresses
 //  - IPAddresses
 //  - URIs
-//  - KeyUsage
-//  - ExtKeyUsage
-//  - UnknownExtKeyUsage
-//  - BasicConstraintsValid
-//  - IsCA
-//  - MaxPathLen
-//  - MaxPathLenZero
-//  - SubjectKeyId
-//  - PolicyIdentifiers
 //  - ExtraExtensions
 //  - Attributes (deprecated)
 //
@@ -2799,30 +2715,6 @@ func parseCertificateRequest(in *certificateRequest) (*CertificateRequest, error
 			if err != nil {
 				return nil, err
 			}
-		case extension.Id.Equal(oidExtensionKeyUsage):
-			out.KeyUsage, err = parseKeyUsageExtension(extension.Value)
-		case extension.Id.Equal(oidExtensionExtendedKeyUsage):
-			out.ExtKeyUsage, out.UnknownExtKeyUsage, err = parseExtKeyUsageExtension(extension.Value)
-			if err != nil {
-				return nil, err
-			}
-		case extension.Id.Equal(oidExtensionBasicConstraints):
-			out.IsCA, out.MaxPathLen, err = parseBasicConstraintsExtension(extension.Value)
-			if err != nil {
-				return nil, err
-			}
-			out.BasicConstraintsValid = true
-			out.MaxPathLenZero = out.MaxPathLen == 0
-		case extension.Id.Equal(oidExtensionSubjectKeyId):
-			out.SubjectKeyId, err = parseSubjectKeyIdExtension(extension.Value)
-			if err != nil {
-				return nil, err
-			}
-		case extension.Id.Equal(oidExtensionCertificatePolicies):
-			out.PolicyIdentifiers, err = parseCertificatePoliciesExtension(extension.Value)
-			if err != nil {
-				return nil, err
-			}
 		}
 	}
 
diff --git a/libgo/go/crypto/x509/x509_test.go b/libgo/go/crypto/x509/x509_test.go
index 65d105db344..51dda16815b 100644
--- a/libgo/go/crypto/x509/x509_test.go
+++ b/libgo/go/crypto/x509/x509_test.go
@@ -2964,44 +2964,34 @@ func certPoolEqual(a, b *CertPool) bool {
 }
 
 func TestCertificateRequestRoundtripFields(t *testing.T) {
+	urlA, err := url.Parse("https://example.com/_")
+	if err != nil {
+		t.Fatal(err)
+	}
+	urlB, err := url.Parse("https://example.org/_")
+	if err != nil {
+		t.Fatal(err)
+	}
 	in := &CertificateRequest{
-		KeyUsage:              KeyUsageCertSign,
-		ExtKeyUsage:           []ExtKeyUsage{ExtKeyUsageAny},
-		UnknownExtKeyUsage:    []asn1.ObjectIdentifier{{1, 2, 3}},
-		BasicConstraintsValid: true,
-		IsCA:                  true,
-		MaxPathLen:            0,
-		MaxPathLenZero:        true,
-		SubjectKeyId:          []byte{1, 2, 3},
-		PolicyIdentifiers:     []asn1.ObjectIdentifier{{1, 2, 3}},
+		DNSNames:       []string{"example.com", "example.org"},
+		EmailAddresses: []string{"a@example.com", "b@example.com"},
+		IPAddresses:    []net.IP{net.IPv4(192, 0, 2, 0), net.IPv6loopback},
+		URIs:           []*url.URL{urlA, urlB},
 	}
 	out := marshalAndParseCSR(t, in)
 
-	if in.KeyUsage != out.KeyUsage {
-		t.Fatalf("Unexpected KeyUsage: got %v, want %v", out.KeyUsage, in.KeyUsage)
-	}
-	if !reflect.DeepEqual(in.ExtKeyUsage, out.ExtKeyUsage) {
-		t.Fatalf("Unexpected ExtKeyUsage: got %v, want %v", out.ExtKeyUsage, in.ExtKeyUsage)
-	}
-	if !reflect.DeepEqual(in.UnknownExtKeyUsage, out.UnknownExtKeyUsage) {
-		t.Fatalf("Unexpected UnknownExtKeyUsage: got %v, want %v", out.UnknownExtKeyUsage, in.UnknownExtKeyUsage)
-	}
-	if in.BasicConstraintsValid != out.BasicConstraintsValid {
-		t.Fatalf("Unexpected BasicConstraintsValid: got %v, want %v", out.BasicConstraintsValid, in.BasicConstraintsValid)
-	}
-	if in.IsCA != out.IsCA {
-		t.Fatalf("Unexpected IsCA: got %v, want %v", out.IsCA, in.IsCA)
-	}
-	if in.MaxPathLen != out.MaxPathLen {
-		t.Fatalf("Unexpected MaxPathLen: got %v, want %v", out.MaxPathLen, in.MaxPathLen)
+	if !reflect.DeepEqual(in.DNSNames, out.DNSNames) {
+		t.Fatalf("Unexpected DNSNames: got %v, want %v", out.DNSNames, in.DNSNames)
 	}
-	if in.MaxPathLenZero != out.MaxPathLenZero {
-		t.Fatalf("Unexpected MaxPathLenZero: got %v, want %v", out.MaxPathLenZero, in.MaxPathLenZero)
+	if !reflect.DeepEqual(in.EmailAddresses, out.EmailAddresses) {
+		t.Fatalf("Unexpected EmailAddresses: got %v, want %v", out.EmailAddresses, in.EmailAddresses)
 	}
-	if !reflect.DeepEqual(in.SubjectKeyId, out.SubjectKeyId) {
-		t.Fatalf("Unexpected SubjectKeyId: got %v, want %v", out.SubjectKeyId, in.SubjectKeyId)
+	if len(in.IPAddresses) != len(out.IPAddresses) ||
+		!in.IPAddresses[0].Equal(out.IPAddresses[0]) ||
+		!in.IPAddresses[1].Equal(out.IPAddresses[1]) {
+		t.Fatalf("Unexpected IPAddresses: got %v, want %v", out.IPAddresses, in.IPAddresses)
 	}
-	if !reflect.DeepEqual(in.PolicyIdentifiers, out.PolicyIdentifiers) {
-		t.Fatalf("Unexpected PolicyIdentifiers: got %v, want %v", out.PolicyIdentifiers, in.PolicyIdentifiers)
+	if !reflect.DeepEqual(in.URIs, out.URIs) {
+		t.Fatalf("Unexpected URIs: got %v, want %v", out.URIs, in.URIs)
 	}
 }