diff options
| author | wchang0222%aol.com <devnull@localhost> | 2004-10-15 21:14:00 +0000 |
|---|---|---|
| committer | wchang0222%aol.com <devnull@localhost> | 2004-10-15 21:14:00 +0000 |
| commit | 0cb471fc59917821ed201a6a8ac7285e185cfe89 (patch) | |
| tree | 1b77485c492003f5019bf9da8cb381a44929dd58 | |
| parent | 38fde6b6722759fb0af0b13cfbef24cab6d51762 (diff) | |
| download | nss-hg-0cb471fc59917821ed201a6a8ac7285e185cfe89.tar.gz | |
Bugzilla bug 263567: upgraded from NSS 3.9.1 (roughly) to NSS 3.9.3 Beta 3
(roughly). a=asa.
Tag: AVIARY_1_0_20040515_BRANCH
89 files changed, 6205 insertions, 597 deletions
diff --git a/security/coreconf/OS2.mk b/security/coreconf/OS2.mk index 5b3b51d0b..a8eed088f 100644 --- a/security/coreconf/OS2.mk +++ b/security/coreconf/OS2.mk @@ -54,8 +54,7 @@ LIB_PREFIX = $(NULL) # Override suffix in suffix.mk LIB_SUFFIX = lib -# the DLL_SUFFIX must be uppercase for FIPS mode to work. bugzilla 240784 -DLL_SUFFIX = DLL +DLL_SUFFIX = dll PROG_SUFFIX = .exe diff --git a/security/coreconf/WIN954.0.mk b/security/coreconf/WIN954.0.mk index 50f0cc220..13aa6519c 100644 --- a/security/coreconf/WIN954.0.mk +++ b/security/coreconf/WIN954.0.mk @@ -60,7 +60,7 @@ endif ifndef NS_USE_GCC OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS ifndef MOZ_DEBUG_SYMBOLS -OS_DLLFLAGS += -PDB:NONE + OS_DLLFLAGS += -PDB:NONE endif endif DEFINES += -DWIN95 diff --git a/security/coreconf/WINCE3.0.mk b/security/coreconf/WINCE3.0.mk index 9f18b7a26..375cb4a5a 100644 --- a/security/coreconf/WINCE3.0.mk +++ b/security/coreconf/WINCE3.0.mk @@ -76,7 +76,7 @@ LINKFLAGS = -nologo -subsystem:windowsce,3.00 \ $(NULL) ifndef MOZ_DEBUG_SYMBOLS -LINKFLAGS += -PDB:NONE + LINKFLAGS += -PDB:NONE endif LINK += $(LINKFLAGS) diff --git a/security/coreconf/WINNT3.51.mk b/security/coreconf/WINNT3.51.mk index db504c7ca..42a268ed4 100644 --- a/security/coreconf/WINNT3.51.mk +++ b/security/coreconf/WINNT3.51.mk @@ -55,10 +55,9 @@ endif OS_WIN_CFLAGS += -W3 OS_CFLAGS += -nologo $(OS_WIN_CFLAGS) $(OS_PROC_CFLAGS) -#OS_DLLFLAGS += -nologo -DLL -PDB:NONE -SUBSYSTEM:WINDOWS OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS ifndef MOZ_DEBUG_SYMBOLS -OS_DLLFLAGS += -PDB:NONE + OS_DLLFLAGS += -PDB:NONE endif # diff --git a/security/coreconf/WINNT4.0.mk b/security/coreconf/WINNT4.0.mk index 9720a0724..d15f547ee 100644 --- a/security/coreconf/WINNT4.0.mk +++ b/security/coreconf/WINNT4.0.mk @@ -57,7 +57,7 @@ endif OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS ifndef MOZ_DEBUG_SYMBOLS -OS_DLLFLAGS += -PDB:NONE + OS_DLLFLAGS += -PDB:NONE endif # diff --git a/security/coreconf/WINNT5.0.mk b/security/coreconf/WINNT5.0.mk index e2ea4f178..81cd668ed 100644 --- a/security/coreconf/WINNT5.0.mk +++ b/security/coreconf/WINNT5.0.mk @@ -57,7 +57,7 @@ endif OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS ifndef MOZ_DEBUG_SYMBOLS -OS_DLLFLAGS += -PDB:NONE + OS_DLLFLAGS += -PDB:NONE endif # diff --git a/security/coreconf/WINNT5.1.mk b/security/coreconf/WINNT5.1.mk index f672d472f..90b063a29 100644 --- a/security/coreconf/WINNT5.1.mk +++ b/security/coreconf/WINNT5.1.mk @@ -57,7 +57,7 @@ endif OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS ifndef MOZ_DEBUG_SYMBOLS -OS_DLLFLAGS += -PDB:NONE + OS_DLLFLAGS += -PDB:NONE endif # diff --git a/security/nss/cmd/lib/SECerrs.h b/security/nss/cmd/lib/SECerrs.h index 218d43be1..5fdc7fa51 100644 --- a/security/nss/cmd/lib/SECerrs.h +++ b/security/nss/cmd/lib/SECerrs.h @@ -1,35 +1,38 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * + * + * The Initial Developer of the Original Code is + * Netscape Communications Corporation. + * Portions created by the Initial Developer are Copyright (C) 1994-2000 + * the Initial Developer. All Rights Reserved. + * * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ /* General security error codes */ /* Caller must #include "secerr.h" */ @@ -477,3 +480,27 @@ ER3(SEC_ERROR_UNRECOGNIZED_OID, (SEC_ERROR_BASE + 143), ER3(SEC_ERROR_OCSP_INVALID_SIGNING_CERT, (SEC_ERROR_BASE + 144), "Invalid OCSP signing certificate in OCSP response.") + +ER3(SEC_ERROR_REVOKED_CERTIFICATE_CRL, (SEC_ERROR_BASE + 145), +"Certificate is revoked in issuer's certificate revocation list.") + +ER3(SEC_ERROR_REVOKED_CERTIFICATE_OCSP, (SEC_ERROR_BASE + 146), +"Issuer's OCSP responder reports certificate is revoked.") + +ER3(SEC_ERROR_CRL_INVALID_VERSION, (SEC_ERROR_BASE + 147), +"Issuer's Certificate Revocation List has an unknown version number.") + +ER3(SEC_ERROR_CRL_V1_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 148), +"Issuer's V1 Certificate Revocation List has a critical extension.") + +ER3(SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 149), +"Issuer's V2 Certificate Revocation List has an unknown critical extension.") + +ER3(SEC_ERROR_UNKNOWN_OBJECT_TYPE, (SEC_ERROR_BASE + 150), +"Unknown object type specified.") + +ER3(SEC_ERROR_INCOMPATIBLE_PKCS11, (SEC_ERROR_BASE + 151), +"PKCS #11 driver violates the spec in an incompatible way.") + +ER3(SEC_ERROR_NO_EVENT, (SEC_ERROR_BASE + 152), +"No new slot event is available at this time.") diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c index cb6942b30..033ed98bc 100644 --- a/security/nss/cmd/lib/secutil.c +++ b/security/nss/cmd/lib/secutil.c @@ -2106,7 +2106,8 @@ SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level) level + 1); SECU_PrintName(out, &(crl->name), "Issuer", level + 1); SECU_PrintTimeChoice(out, &(crl->lastUpdate), "This Update", level + 1); - SECU_PrintTimeChoice(out, &(crl->nextUpdate), "Next Update", level + 1); + if (crl->nextUpdate.data && crl->nextUpdate.len) /* is optional */ + SECU_PrintTimeChoice(out, &(crl->nextUpdate), "Next Update", level + 1); if (crl->entries != NULL) { iv = 0; diff --git a/security/nss/cmd/platlibs.mk b/security/nss/cmd/platlibs.mk index a160c3176..17db7c390 100644 --- a/security/nss/cmd/platlibs.mk +++ b/security/nss/cmd/platlibs.mk @@ -194,6 +194,18 @@ endif endif endif +ifeq ($(OS_ARCH), SunOS) +ifeq ($(BUILD_SUN_PKG), 1) +ifeq ($(USE_64), 1) +EXTRA_SHARED_LIBS += -R '$$ORIGIN/../lib:/usr/lib/mps/secv1/sparcv9:/usr/lib/mps/sparcv9' +else +EXTRA_SHARED_LIBS += -R '$$ORIGIN/../lib:/usr/lib/mps/secv1:/usr/lib/mps' +endif +else +EXTRA_SHARED_LIBS += -R '$$ORIGIN/../lib' +endif +endif + ifeq ($(OS_ARCH), Darwin) EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib endif diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c index fee8ac903..d9cd18449 100644 --- a/security/nss/lib/certdb/certdb.c +++ b/security/nss/lib/certdb/certdb.c @@ -986,6 +986,10 @@ CERT_CheckCertValidTimes(CERTCertificate *c, PRTime t, PRBool allowOverride) PRTime notBefore, notAfter, llPendingSlop, tmp1; SECStatus rv; + if (!c) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return(secCertTimeUndetermined); + } /* if cert is already marked OK, then don't bother to check */ if ( allowOverride && c->timeOK ) { return(secCertTimeValid); @@ -2298,7 +2302,7 @@ CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage, } } - return (fcerts ? SECSuccess : SECFailure); + return ((fcerts || !ncerts) ? SECSuccess : SECFailure); } /* diff --git a/security/nss/lib/certdb/certt.h b/security/nss/lib/certdb/certt.h index e502bfdda..4eb678bda 100644 --- a/security/nss/lib/certdb/certt.h +++ b/security/nss/lib/certdb/certt.h @@ -512,7 +512,9 @@ typedef enum CERTCertOwnerEnum { typedef enum SECCertTimeValidityEnum { secCertTimeValid = 0, secCertTimeExpired = 1, - secCertTimeNotValidYet = 2 + secCertTimeNotValidYet = 2, + secCertTimeUndetermined = 3 /* validity could not be decoded from the + cert, most likely because it was NULL */ } SECCertTimeValidity; /* diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c index a908c0f6d..dc2f6728b 100644 --- a/security/nss/lib/certdb/stanpcertdb.c +++ b/security/nss/lib/certdb/stanpcertdb.c @@ -195,7 +195,7 @@ __CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname, nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1); /* reset the CERTCertificate fields */ cert->nssCertificate = NULL; - cert = STAN_GetCERTCertificate(c); /* will return same pointer */ + cert = STAN_GetCERTCertificateOrRelease(c); /* should return same pointer */ if (!cert) { return SECFailure; } @@ -248,7 +248,7 @@ __CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert, PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL); cc = NULL; } else { - cc = STAN_GetCERTCertificate(c); + cc = STAN_GetCERTCertificateOrRelease(c); } return cc; } @@ -272,6 +272,8 @@ __CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert, /* Forces a decoding of the cert in order to obtain the parts used * below */ + /* 'c' is not adopted here, if we fail loser frees what has been + * allocated so far for 'c' */ cc = STAN_GetCERTCertificate(c); if (!cc) { goto loser; @@ -318,7 +320,7 @@ __CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert, if (tempCert) { /* and use the "official" entry */ c = tempCert; - cc = STAN_GetCERTCertificate(c); + cc = STAN_GetCERTCertificateOrRelease(c); if (!cc) { return NULL; } @@ -389,24 +391,12 @@ CERT_FindCertByName(CERTCertDBHandle *handle, SECItem *name) NULL, &usage, NULL); c = get_best_temp_or_perm(ct, cp); if (ct) { - CERTCertificate *cert = STAN_GetCERTCertificate(ct); - if (!cert) { - return NULL; - } - CERT_DestroyCertificate(cert); + CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct)); } if (cp) { - CERTCertificate *cert = STAN_GetCERTCertificate(cp); - if (!cert) { - return NULL; - } - CERT_DestroyCertificate(cert); - } - if (c) { - return STAN_GetCERTCertificate(c); - } else { - return NULL; + CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(cp)); } + return c ? STAN_GetCERTCertificateOrRelease(c) : NULL; } CERTCertificate * @@ -445,20 +435,12 @@ CERT_FindCertByNickname(CERTCertDBHandle *handle, char *nickname) c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert)); CERT_DestroyCertificate(cert); if (ct) { - CERTCertificate *cert2 = STAN_GetCERTCertificate(ct); - if (!cert2) { - return NULL; - } - CERT_DestroyCertificate(cert2); + CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct)); } } else { c = ct; } - if (c) { - return STAN_GetCERTCertificate(c); - } else { - return NULL; - } + return c ? STAN_GetCERTCertificateOrRelease(c) : NULL; } CERTCertificate * @@ -475,7 +457,7 @@ CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert) &encoding); if (!c) return NULL; } - return STAN_GetCERTCertificate(c); + return STAN_GetCERTCertificateOrRelease(c); } CERTCertificate * @@ -507,19 +489,12 @@ CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, char *name) c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert)); CERT_DestroyCertificate(cert); if (ct) { - CERTCertificate *cert2 = STAN_GetCERTCertificate(ct); - if (!cert2) { - return NULL; - } - CERT_DestroyCertificate(cert2); + CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct)); } } else { c = ct; } - if (c) { - return STAN_GetCERTCertificate(c); - } - return NULL; + return c ? STAN_GetCERTCertificateOrRelease(c) : NULL; } static void @@ -575,8 +550,10 @@ CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle, /* Iterate over the matching temp certs. Add them to the list */ ci = tSubjectCerts; while (ci && *ci) { - cert = STAN_GetCERTCertificate(*ci); + cert = STAN_GetCERTCertificateOrRelease(*ci); + /* *ci may be invalid at this point, don't reference it again */ if (cert) { + /* NOTE: add_to_subject_list adopts the incoming cert. */ add_to_subject_list(certList, cert, validOnly, sorttime); } ci++; @@ -584,18 +561,23 @@ CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle, /* Iterate over the matching perm certs. Add them to the list */ ci = pSubjectCerts; while (ci && *ci) { - cert = STAN_GetCERTCertificate(*ci); + cert = STAN_GetCERTCertificateOrRelease(*ci); + /* *ci may be invalid at this point, don't reference it again */ if (cert) { + /* NOTE: add_to_subject_list adopts the incoming cert. */ add_to_subject_list(certList, cert, validOnly, sorttime); } ci++; } + /* all the references have been adopted or freed at this point, just + * free the arrays now */ nss_ZFreeIf(tSubjectCerts); nss_ZFreeIf(pSubjectCerts); return certList; loser: - nss_ZFreeIf(tSubjectCerts); - nss_ZFreeIf(pSubjectCerts); + /* need to free the references in tSubjectCerts and pSubjectCerts! */ + nssCertificateArray_Destroy(tSubjectCerts); + nssCertificateArray_Destroy(pSubjectCerts); if (myList && certList != NULL) { CERT_DestroyCertList(certList); } diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c index a77d9b406..4bada1b40 100644 --- a/security/nss/lib/certhigh/certvfy.c +++ b/security/nss/lib/certhigh/certvfy.c @@ -1883,7 +1883,7 @@ CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert, char *expiredString, char *notYetGoodString) { SECCertTimeValidity validity; - char *nickname, *tmpstr; + char *nickname = NULL, *tmpstr = NULL; validity = CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE); @@ -1906,11 +1906,16 @@ CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert, if ( validity == secCertTimeExpired ) { tmpstr = PR_smprintf("%s%s", cert->nickname, expiredString); - } else { + } else if ( validity == secCertTimeNotValidYet ) { /* not yet valid */ tmpstr = PR_smprintf("%s%s", cert->nickname, notYetGoodString); - } + } else { + /* undetermined */ + tmpstr = PR_smprintf("%s", + "(NULL) (Validity Unknown)"); + } + if ( tmpstr == NULL ) { goto loser; } diff --git a/security/nss/lib/ckfw/builtins/certdata.c b/security/nss/lib/ckfw/builtins/certdata.c index 5af3bb071..d85aa1b27 100644 --- a/security/nss/lib/ckfw/builtins/certdata.c +++ b/security/nss/lib/ckfw/builtins/certdata.c @@ -39,15 +39,15 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $R #include "builtins.h" #endif /* BUILTINS_H */ -static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE; -static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509; -static const CK_BBOOL ck_false = CK_FALSE; +static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST; static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID; +static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST; static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR; +static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509; static const CK_OBJECT_CLASS cko_data = CKO_DATA; +static const CK_BBOOL ck_false = CK_FALSE; static const CK_BBOOL ck_true = CK_TRUE; -static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST; -static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST; +static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE; #ifdef DEBUG static const CK_ATTRIBUTE_TYPE nss_builtins_types_0 [] = { CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_APPLICATION, CKA_VALUE @@ -440,6 +440,72 @@ static const CK_ATTRIBUTE_TYPE nss_builtins_types_128 [] = { static const CK_ATTRIBUTE_TYPE nss_builtins_types_129 [] = { CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING }; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_130 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_131 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_132 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_133 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_134 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_135 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_136 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_137 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_138 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_139 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_140 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_141 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_142 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_143 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_144 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_145 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_146 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_147 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_148 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_149 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_150 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE +}; +static const CK_ATTRIBUTE_TYPE nss_builtins_types_151 [] = { + CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING +}; #ifdef DEBUG static const NSSItem nss_builtins_items_0 [] = { { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) }, @@ -8075,6 +8141,1874 @@ static const NSSItem nss_builtins_items_129 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; +static const NSSItem nss_builtins_items_130 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"Certum Root CA", (PRUint32)15 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061" +"\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164" +"\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020" +"\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101" +, (PRUint32)64 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061" +"\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164" +"\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020" +"\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101" +, (PRUint32)64 }, + { (void *)"\002\003\001\000\040" +, (PRUint32)5 }, + { (void *)"\060\202\003\014\060\202\001\364\240\003\002\001\002\002\003\001" +"\000\040\060\015\006\011\052\206\110\206\367\015\001\001\005\005" +"\000\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114" +"\061\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145" +"\164\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060" +"\020\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103" +"\101\060\036\027\015\060\062\060\066\061\061\061\060\064\066\063" +"\071\132\027\015\062\067\060\066\061\061\061\060\064\066\063\071" +"\132\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114" +"\061\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145" +"\164\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060" +"\020\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103" +"\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001" +"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001" +"\001\000\316\261\301\056\323\117\174\315\045\316\030\076\117\304" +"\214\157\200\152\163\310\133\121\370\233\322\334\273\000\134\261" +"\240\374\165\003\356\201\360\210\356\043\122\351\346\025\063\215" +"\254\055\011\305\166\371\053\071\200\211\344\227\113\220\245\250" +"\170\370\163\103\173\244\141\260\330\130\314\341\154\146\176\234" +"\363\011\136\125\143\204\325\250\357\363\261\056\060\150\263\304" +"\074\330\254\156\215\231\132\220\116\064\334\066\232\217\201\210" +"\120\267\155\226\102\011\363\327\225\203\015\101\113\260\152\153" +"\370\374\017\176\142\237\147\304\355\046\137\020\046\017\010\117" +"\360\244\127\050\316\217\270\355\105\366\156\356\045\135\252\156" +"\071\276\344\223\057\331\107\240\162\353\372\246\133\257\312\123" +"\077\342\016\306\226\126\021\156\367\351\146\251\046\330\177\225" +"\123\355\012\205\210\272\117\051\245\102\214\136\266\374\205\040" +"\000\252\150\013\241\032\205\001\234\304\106\143\202\210\266\042" +"\261\356\376\252\106\131\176\317\065\054\325\266\332\135\367\110" +"\063\024\124\266\353\331\157\316\315\210\326\253\033\332\226\073" +"\035\131\002\003\001\000\001\243\023\060\021\060\017\006\003\125" +"\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011" +"\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000" +"\270\215\316\357\347\024\272\317\356\260\104\222\154\264\071\076" +"\242\204\156\255\270\041\167\322\324\167\202\207\346\040\101\201" +"\356\342\370\021\267\143\321\027\067\276\031\166\044\034\004\032" +"\114\353\075\252\147\157\055\324\315\376\145\061\160\305\033\246" +"\002\012\272\140\173\155\130\302\232\111\376\143\062\013\153\343" +"\072\300\254\253\073\260\350\323\011\121\214\020\203\306\064\340" +"\305\053\340\032\266\140\024\047\154\062\167\214\274\262\162\230" +"\317\315\314\077\271\310\044\102\024\326\127\374\346\046\103\251" +"\035\345\200\220\316\003\124\050\076\367\077\323\370\115\355\152" +"\012\072\223\023\233\073\024\043\023\143\234\077\321\207\047\171" +"\345\114\121\343\001\255\205\135\032\073\261\325\163\020\244\323" +"\362\274\156\144\365\132\126\220\250\307\016\114\164\017\056\161" +"\073\367\310\107\364\151\157\025\362\021\136\203\036\234\174\122" +"\256\375\002\332\022\250\131\147\030\333\274\160\335\233\261\151" +"\355\200\316\211\100\110\152\016\065\312\051\146\025\041\224\054" +"\350\140\052\233\205\112\100\363\153\212\044\354\006\026\054\163" +, (PRUint32)784 } +}; +static const NSSItem nss_builtins_items_131 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"Certum Root CA", (PRUint32)15 }, + { (void *)"\142\122\334\100\367\021\103\242\057\336\236\367\064\216\006\102" +"\121\261\201\030" +, (PRUint32)20 }, + { (void *)"\054\217\237\146\035\030\220\261\107\046\235\216\206\202\214\251" +, (PRUint32)16 }, + { (void *)"\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061" +"\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164" +"\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020" +"\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101" +, (PRUint32)64 }, + { (void *)"\002\003\001\000\040" +, (PRUint32)5 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_132 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"Comodo AAA Services root", (PRUint32)25 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003" +"\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151" +"\143\141\164\145\040\123\145\162\166\151\143\145\163" +, (PRUint32)125 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003" +"\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151" +"\143\141\164\145\040\123\145\162\166\151\143\145\163" +, (PRUint32)125 }, + { (void *)"\002\001\001" +, (PRUint32)3 }, + { (void *)"\060\202\004\062\060\202\003\032\240\003\002\001\002\002\001\001" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033" +"\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162" +"\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006" +"\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060" +"\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103" +"\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003\125" +"\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151\143" +"\141\164\145\040\123\145\162\166\151\143\145\163\060\036\027\015" +"\060\064\060\061\060\061\060\060\060\060\060\060\132\027\015\062" +"\070\061\062\063\061\062\063\065\071\065\071\132\060\173\061\013" +"\060\011\006\003\125\004\006\023\002\107\102\061\033\060\031\006" +"\003\125\004\010\014\022\107\162\145\141\164\145\162\040\115\141" +"\156\143\150\145\163\164\145\162\061\020\060\016\006\003\125\004" +"\007\014\007\123\141\154\146\157\162\144\061\032\060\030\006\003" +"\125\004\012\014\021\103\157\155\157\144\157\040\103\101\040\114" +"\151\155\151\164\145\144\061\041\060\037\006\003\125\004\003\014" +"\030\101\101\101\040\103\145\162\164\151\146\151\143\141\164\145" +"\040\123\145\162\166\151\143\145\163\060\202\001\042\060\015\006" +"\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017" +"\000\060\202\001\012\002\202\001\001\000\276\100\235\364\156\341" +"\352\166\207\034\115\105\104\216\276\106\310\203\006\235\301\052" +"\376\030\037\216\344\002\372\363\253\135\120\212\026\061\013\232" +"\006\320\305\160\042\315\111\055\124\143\314\266\156\150\106\013" +"\123\352\313\114\044\300\274\162\116\352\361\025\256\364\124\232" +"\022\012\303\172\262\063\140\342\332\211\125\363\042\130\363\336" +"\334\317\357\203\206\242\214\224\117\237\150\362\230\220\106\204" +"\047\307\166\277\343\314\065\054\213\136\007\144\145\202\300\110" +"\260\250\221\371\141\237\166\040\120\250\221\307\146\265\353\170" +"\142\003\126\360\212\032\023\352\061\243\036\240\231\375\070\366" +"\366\047\062\130\157\007\365\153\270\373\024\053\257\267\252\314" +"\326\143\137\163\214\332\005\231\250\070\250\313\027\170\066\121" +"\254\351\236\364\170\072\215\317\017\331\102\342\230\014\253\057" +"\237\016\001\336\357\237\231\111\361\055\337\254\164\115\033\230" +"\265\107\305\345\051\321\371\220\030\307\142\234\276\203\307\046" +"\173\076\212\045\307\300\335\235\346\065\150\020\040\235\217\330" +"\336\322\303\204\234\015\136\350\057\311\002\003\001\000\001\243" +"\201\300\060\201\275\060\035\006\003\125\035\016\004\026\004\024" +"\240\021\012\043\076\226\361\007\354\342\257\051\357\202\245\177" +"\320\060\244\264\060\016\006\003\125\035\017\001\001\377\004\004" +"\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005" +"\060\003\001\001\377\060\173\006\003\125\035\037\004\164\060\162" +"\060\070\240\066\240\064\206\062\150\164\164\160\072\057\057\143" +"\162\154\056\143\157\155\157\144\157\143\141\056\143\157\155\057" +"\101\101\101\103\145\162\164\151\146\151\143\141\164\145\123\145" +"\162\166\151\143\145\163\056\143\162\154\060\066\240\064\240\062" +"\206\060\150\164\164\160\072\057\057\143\162\154\056\143\157\155" +"\157\144\157\056\156\145\164\057\101\101\101\103\145\162\164\151" +"\146\151\143\141\164\145\123\145\162\166\151\143\145\163\056\143" +"\162\154\060\015\006\011\052\206\110\206\367\015\001\001\005\005" +"\000\003\202\001\001\000\010\126\374\002\360\233\350\377\244\372" +"\326\173\306\104\200\316\117\304\305\366\000\130\314\246\266\274" +"\024\111\150\004\166\350\346\356\135\354\002\017\140\326\215\120" +"\030\117\046\116\001\343\346\260\245\356\277\274\164\124\101\277" +"\375\374\022\270\307\117\132\364\211\140\005\177\140\267\005\112" +"\363\366\361\302\277\304\271\164\206\266\055\175\153\314\322\363" +"\106\335\057\306\340\152\303\303\064\003\054\175\226\335\132\302" +"\016\247\012\231\301\005\213\253\014\057\363\134\072\317\154\067" +"\125\011\207\336\123\100\154\130\357\374\266\253\145\156\004\366" +"\033\334\074\340\132\025\306\236\331\361\131\110\060\041\145\003" +"\154\354\351\041\163\354\233\003\241\340\067\255\240\025\030\217" +"\372\272\002\316\247\054\251\020\023\054\324\345\010\046\253\042" +"\227\140\370\220\136\164\324\242\232\123\275\362\251\150\340\242" +"\156\302\327\154\261\243\017\236\277\353\150\347\126\362\256\362" +"\343\053\070\072\011\201\265\153\205\327\276\055\355\077\032\267" +"\262\143\342\365\142\054\202\324\152\000\101\120\361\071\203\237" +"\225\351\066\226\230\156" +, (PRUint32)1078 } +}; +static const NSSItem nss_builtins_items_133 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"Comodo AAA Services root", (PRUint32)25 }, + { (void *)"\321\353\043\244\155\027\326\217\331\045\144\302\361\361\140\027" +"\144\330\343\111" +, (PRUint32)20 }, + { (void *)"\111\171\004\260\353\207\031\254\107\260\274\021\121\233\164\320" +, (PRUint32)16 }, + { (void *)"\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003" +"\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151" +"\143\141\164\145\040\123\145\162\166\151\143\145\163" +, (PRUint32)125 }, + { (void *)"\002\001\001" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_134 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"Comodo Secure Services root", (PRUint32)28 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003" +"\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164" +"\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163" +, (PRUint32)128 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003" +"\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164" +"\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163" +, (PRUint32)128 }, + { (void *)"\002\001\001" +, (PRUint32)3 }, + { (void *)"\060\202\004\077\060\202\003\047\240\003\002\001\002\002\001\001" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033" +"\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162" +"\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006" +"\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060" +"\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103" +"\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003\125" +"\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164\151" +"\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163\060" +"\036\027\015\060\064\060\061\060\061\060\060\060\060\060\060\132" +"\027\015\062\070\061\062\063\061\062\063\065\071\065\071\132\060" +"\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033" +"\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162" +"\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006" +"\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060" +"\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103" +"\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003\125" +"\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164\151" +"\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163\060" +"\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001" +"\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000" +"\300\161\063\202\212\320\160\353\163\207\202\100\325\035\344\313" +"\311\016\102\220\371\336\064\271\241\272\021\364\045\205\363\314" +"\162\155\362\173\227\153\263\007\361\167\044\221\137\045\217\366" +"\164\075\344\200\302\370\074\015\363\277\100\352\367\310\122\321" +"\162\157\357\310\253\101\270\156\056\027\052\225\151\014\315\322" +"\036\224\173\055\224\035\252\165\327\263\230\313\254\274\144\123" +"\100\274\217\254\254\066\313\134\255\273\335\340\224\027\354\321" +"\134\320\277\357\245\225\311\220\305\260\254\373\033\103\337\172" +"\010\135\267\270\362\100\033\053\047\236\120\316\136\145\202\210" +"\214\136\323\116\014\172\352\010\221\266\066\252\053\102\373\352" +"\302\243\071\345\333\046\070\255\213\012\356\031\143\307\034\044" +"\337\003\170\332\346\352\301\107\032\013\013\106\011\335\002\374" +"\336\313\207\137\327\060\143\150\241\256\334\062\241\272\276\376" +"\104\253\150\266\245\027\025\375\275\325\247\247\232\344\104\063" +"\351\210\216\374\355\121\353\223\161\116\255\001\347\104\216\253" +"\055\313\250\376\001\111\110\360\300\335\307\150\330\222\376\075" +"\002\003\001\000\001\243\201\307\060\201\304\060\035\006\003\125" +"\035\016\004\026\004\024\074\330\223\210\302\300\202\011\314\001" +"\231\006\223\040\351\236\160\011\143\117\060\016\006\003\125\035" +"\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035" +"\023\001\001\377\004\005\060\003\001\001\377\060\201\201\006\003" +"\125\035\037\004\172\060\170\060\073\240\071\240\067\206\065\150" +"\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144\157" +"\143\141\056\143\157\155\057\123\145\143\165\162\145\103\145\162" +"\164\151\146\151\143\141\164\145\123\145\162\166\151\143\145\163" +"\056\143\162\154\060\071\240\067\240\065\206\063\150\164\164\160" +"\072\057\057\143\162\154\056\143\157\155\157\144\157\056\156\145" +"\164\057\123\145\143\165\162\145\103\145\162\164\151\146\151\143" +"\141\164\145\123\145\162\166\151\143\145\163\056\143\162\154\060" +"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202" +"\001\001\000\207\001\155\043\035\176\133\027\175\301\141\062\317" +"\217\347\363\212\224\131\146\340\236\050\250\136\323\267\364\064" +"\346\252\071\262\227\026\305\202\157\062\244\351\214\347\257\375" +"\357\302\350\271\113\252\243\364\346\332\215\145\041\373\272\200" +"\353\046\050\205\032\376\071\214\336\133\004\004\264\124\371\243" +"\147\236\101\372\011\122\314\005\110\250\311\077\041\004\036\316" +"\110\153\374\205\350\302\173\257\177\267\314\370\137\072\375\065" +"\306\015\357\227\334\114\253\021\341\153\313\061\321\154\373\110" +"\200\253\334\234\067\270\041\024\113\015\161\075\354\203\063\156" +"\321\156\062\026\354\230\307\026\213\131\246\064\253\005\127\055" +"\223\367\252\023\313\322\023\342\267\056\073\315\153\120\027\011" +"\150\076\265\046\127\356\266\340\266\335\271\051\200\171\175\217" +"\243\360\244\050\244\025\304\205\364\047\324\153\277\345\134\344" +"\145\002\166\124\264\343\067\146\044\323\031\141\310\122\020\345" +"\213\067\232\271\251\371\035\277\352\231\222\141\226\377\001\315" +"\241\137\015\274\161\274\016\254\013\035\107\105\035\301\354\174" +"\354\375\051" +, (PRUint32)1091 } +}; +static const NSSItem nss_builtins_items_135 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"Comodo Secure Services root", (PRUint32)28 }, + { (void *)"\112\145\325\364\035\357\071\270\270\220\112\112\323\144\201\063" +"\317\307\241\321" +, (PRUint32)20 }, + { (void *)"\323\331\275\256\237\254\147\044\263\310\033\122\341\271\251\275" +, (PRUint32)16 }, + { (void *)"\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003" +"\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164" +"\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163" +, (PRUint32)128 }, + { (void *)"\002\001\001" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_136 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"Comodo Trusted Services root", (PRUint32)29 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003" +"\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162" +"\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145" +"\163" +, (PRUint32)129 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003" +"\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162" +"\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145" +"\163" +, (PRUint32)129 }, + { (void *)"\002\001\001" +, (PRUint32)3 }, + { (void *)"\060\202\004\103\060\202\003\053\240\003\002\001\002\002\001\001" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033" +"\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162" +"\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006" +"\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060" +"\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103" +"\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003\125" +"\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162\164" +"\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163" +"\060\036\027\015\060\064\060\061\060\061\060\060\060\060\060\060" +"\132\027\015\062\070\061\062\063\061\062\063\065\071\065\071\132" +"\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003" +"\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162" +"\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145" +"\163\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001" +"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001" +"\001\000\337\161\157\066\130\123\132\362\066\124\127\200\304\164" +"\010\040\355\030\177\052\035\346\065\232\036\045\254\234\345\226" +"\176\162\122\240\025\102\333\131\335\144\172\032\320\270\173\335" +"\071\025\274\125\110\304\355\072\000\352\061\021\272\362\161\164" +"\032\147\270\317\063\314\250\061\257\243\343\327\177\277\063\055" +"\114\152\074\354\213\303\222\322\123\167\044\164\234\007\156\160" +"\374\275\013\133\166\272\137\362\377\327\067\113\112\140\170\367" +"\360\372\312\160\264\352\131\252\243\316\110\057\251\303\262\013" +"\176\027\162\026\014\246\007\014\033\070\317\311\142\267\077\240" +"\223\245\207\101\362\267\160\100\167\330\276\024\174\343\250\300" +"\172\216\351\143\152\321\017\232\306\322\364\213\072\024\004\126" +"\324\355\270\314\156\365\373\342\054\130\275\177\117\153\053\367" +"\140\044\130\044\316\046\357\064\221\072\325\343\201\320\262\360" +"\004\002\327\133\267\076\222\254\153\022\212\371\344\005\260\073" +"\221\111\134\262\353\123\352\370\237\107\206\356\277\225\300\300" +"\006\237\322\133\136\021\033\364\307\004\065\051\322\125\134\344" +"\355\353\002\003\001\000\001\243\201\311\060\201\306\060\035\006" +"\003\125\035\016\004\026\004\024\305\173\130\275\355\332\045\151" +"\322\367\131\026\250\263\062\300\173\047\133\364\060\016\006\003" +"\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003" +"\125\035\023\001\001\377\004\005\060\003\001\001\377\060\201\203" +"\006\003\125\035\037\004\174\060\172\060\074\240\072\240\070\206" +"\066\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157" +"\144\157\143\141\056\143\157\155\057\124\162\165\163\164\145\144" +"\103\145\162\164\151\146\151\143\141\164\145\123\145\162\166\151" +"\143\145\163\056\143\162\154\060\072\240\070\240\066\206\064\150" +"\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144\157" +"\056\156\145\164\057\124\162\165\163\164\145\144\103\145\162\164" +"\151\146\151\143\141\164\145\123\145\162\166\151\143\145\163\056" +"\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001\005" +"\005\000\003\202\001\001\000\310\223\201\073\211\264\257\270\204" +"\022\114\215\322\360\333\160\272\127\206\025\064\020\271\057\177" +"\036\260\250\211\140\241\212\302\167\014\120\112\233\000\213\330" +"\213\364\101\342\320\203\212\112\034\024\006\260\243\150\005\160" +"\061\060\247\123\233\016\351\112\240\130\151\147\016\256\235\366" +"\245\054\101\277\074\006\153\344\131\314\155\020\361\226\157\037" +"\337\364\004\002\244\237\105\076\310\330\372\066\106\104\120\077" +"\202\227\221\037\050\333\030\021\214\052\344\145\203\127\022\022" +"\214\027\077\224\066\376\135\260\300\004\167\023\270\364\025\325" +"\077\070\314\224\072\125\320\254\230\365\272\000\137\340\206\031" +"\201\170\057\050\300\176\323\314\102\012\365\256\120\240\321\076" +"\306\241\161\354\077\240\040\214\146\072\211\264\216\324\330\261" +"\115\045\107\356\057\210\310\265\341\005\105\300\276\024\161\336" +"\172\375\216\173\175\115\010\226\245\022\163\360\055\312\067\047" +"\164\022\047\114\313\266\227\351\331\256\010\155\132\071\100\335" +"\005\107\165\152\132\041\263\243\030\317\116\367\056\127\267\230" +"\160\136\310\304\170\260\142" +, (PRUint32)1095 } +}; +static const NSSItem nss_builtins_items_137 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"Comodo Trusted Services root", (PRUint32)29 }, + { (void *)"\341\237\343\016\213\204\140\236\200\233\027\015\162\250\305\272" +"\156\024\011\275" +, (PRUint32)20 }, + { (void *)"\221\033\077\156\315\236\253\356\007\376\037\161\322\263\141\047" +, (PRUint32)16 }, + { (void *)"\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061" +"\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145" +"\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016" +"\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032" +"\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040" +"\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003" +"\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162" +"\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145" +"\163" +, (PRUint32)129 }, + { (void *)"\002\001\001" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_138 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS Chained CAs root", (PRUint32)21 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023" +"\052\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040" +"\103\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157" +"\156\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006" +"\003\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141" +"\151\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151" +"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171" +"\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026" +"\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163" +, (PRUint32)288 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023" +"\052\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040" +"\103\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157" +"\156\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006" +"\003\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141" +"\151\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151" +"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171" +"\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026" +"\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163" +, (PRUint32)288 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)"\060\202\007\367\060\202\007\140\240\003\002\001\002\002\001\000" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145" +"\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102" +"\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004" +"\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040" +"\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151" +"\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004" +"\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071" +"\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023\052" +"\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040\103" +"\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157\156" +"\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006\003" +"\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141\151" +"\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151\143" +"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061" +"\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017" +"\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060" +"\036\027\015\060\061\061\062\062\071\060\060\065\063\065\070\132" +"\027\015\062\065\061\062\062\067\060\060\065\063\065\070\132\060" +"\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145" +"\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102" +"\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004" +"\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040" +"\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151" +"\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004" +"\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071" +"\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023\052" +"\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040\103" +"\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157\156" +"\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006\003" +"\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141\151" +"\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151\143" +"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061" +"\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017" +"\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060" +"\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005" +"\000\003\201\215\000\060\201\211\002\201\201\000\334\126\222\111" +"\262\224\040\274\230\117\120\353\150\244\247\111\013\277\322\061" +"\350\307\117\302\206\013\372\150\375\103\132\212\363\140\222\065" +"\231\070\273\115\003\122\041\133\360\067\231\065\341\101\040\201" +"\205\201\005\161\201\235\264\225\031\251\137\166\064\056\143\067" +"\065\127\216\264\037\102\077\025\134\341\172\301\137\023\030\062" +"\061\311\255\276\243\307\203\146\036\271\234\004\023\313\151\301" +"\006\336\060\006\273\063\243\265\037\360\217\157\316\377\226\350" +"\124\276\146\200\256\153\333\101\204\066\242\075\002\003\001\000" +"\001\243\202\004\103\060\202\004\077\060\035\006\003\125\035\016" +"\004\026\004\024\241\255\061\261\371\076\341\027\246\310\253\064" +"\374\122\207\011\036\142\122\101\060\202\001\116\006\003\125\035" +"\043\004\202\001\105\060\202\001\101\200\024\241\255\061\261\371" +"\076\341\027\246\310\253\064\374\122\207\011\036\142\122\101\241" +"\202\001\044\244\202\001\040\060\202\001\034\061\013\060\011\006" +"\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004" +"\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020" +"\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141" +"\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111" +"\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151" +"\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056" +"\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155" +"\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106" +"\056\040\040\102\055\066\060\071\062\071\064\065\062\061\063\060" +"\061\006\003\125\004\013\023\052\111\120\123\040\103\101\040\103" +"\150\141\151\156\145\144\040\103\101\163\040\103\145\162\164\151" +"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151" +"\164\171\061\063\060\061\006\003\125\004\003\023\052\111\120\123" +"\040\103\101\040\103\150\141\151\156\145\144\040\103\101\163\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110" +"\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154" +"\056\151\160\163\056\145\163\202\001\000\060\014\006\003\125\035" +"\023\004\005\060\003\001\001\377\060\014\006\003\125\035\017\004" +"\005\003\003\007\377\200\060\153\006\003\125\035\045\004\144\060" +"\142\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001" +"\005\005\007\003\002\006\010\053\006\001\005\005\007\003\003\006" +"\010\053\006\001\005\005\007\003\004\006\010\053\006\001\005\005" +"\007\003\010\006\012\053\006\001\004\001\202\067\002\001\025\006" +"\012\053\006\001\004\001\202\067\002\001\026\006\012\053\006\001" +"\004\001\202\067\012\003\001\006\012\053\006\001\004\001\202\067" +"\012\003\004\060\021\006\011\140\206\110\001\206\370\102\001\001" +"\004\004\003\002\000\007\060\032\006\003\125\035\021\004\023\060" +"\021\201\017\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163\060\032\006\003\125\035\022\004\023\060\021\201\017\151" +"\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060\102" +"\006\011\140\206\110\001\206\370\102\001\015\004\065\026\063\103" +"\150\141\151\156\145\144\040\103\101\040\103\145\162\164\151\146" +"\151\143\141\164\145\040\151\163\163\165\145\144\040\142\171\040" +"\150\164\164\160\072\057\057\167\167\167\056\151\160\163\056\145" +"\163\057\060\051\006\011\140\206\110\001\206\370\102\001\002\004" +"\034\026\032\150\164\164\160\072\057\057\167\167\167\056\151\160" +"\163\056\145\163\057\151\160\163\062\060\060\062\057\060\067\006" +"\011\140\206\110\001\206\370\102\001\004\004\052\026\050\150\164" +"\164\160\072\057\057\167\167\167\056\151\160\163\056\145\163\057" +"\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062\103" +"\101\103\056\143\162\154\060\074\006\011\140\206\110\001\206\370" +"\102\001\003\004\057\026\055\150\164\164\160\072\057\057\167\167" +"\167\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062" +"\057\162\145\166\157\143\141\164\151\157\156\103\101\103\056\150" +"\164\155\154\077\060\071\006\011\140\206\110\001\206\370\102\001" +"\007\004\054\026\052\150\164\164\160\072\057\057\167\167\167\056" +"\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057\162" +"\145\156\145\167\141\154\103\101\103\056\150\164\155\154\077\060" +"\067\006\011\140\206\110\001\206\370\102\001\010\004\052\026\050" +"\150\164\164\160\072\057\057\167\167\167\056\151\160\163\056\145" +"\163\057\151\160\163\062\060\060\062\057\160\157\154\151\143\171" +"\103\101\103\056\150\164\155\154\060\155\006\003\125\035\037\004" +"\146\060\144\060\056\240\054\240\052\206\050\150\164\164\160\072" +"\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163" +"\062\060\060\062\057\151\160\163\062\060\060\062\103\101\103\056" +"\143\162\154\060\062\240\060\240\056\206\054\150\164\164\160\072" +"\057\057\167\167\167\142\141\143\153\056\151\160\163\056\145\163" +"\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062" +"\103\101\103\056\143\162\154\060\057\006\010\053\006\001\005\005" +"\007\001\001\004\043\060\041\060\037\006\010\053\006\001\005\005" +"\007\060\001\206\023\150\164\164\160\072\057\057\157\143\163\160" +"\056\151\160\163\056\145\163\057\060\015\006\011\052\206\110\206" +"\367\015\001\001\005\005\000\003\201\201\000\104\162\060\235\126" +"\130\242\101\033\050\267\225\341\246\032\225\137\247\170\100\053" +"\357\333\226\112\374\114\161\143\331\163\225\275\002\342\242\006" +"\307\276\227\052\223\200\064\206\003\372\334\330\075\036\007\315" +"\036\163\103\044\140\365\035\141\334\334\226\240\274\373\035\343" +"\347\022\000\047\063\002\300\300\053\123\075\330\153\003\201\243" +"\333\326\223\225\040\357\323\226\176\046\220\211\234\046\233\315" +"\157\146\253\355\003\042\104\070\314\131\275\237\333\366\007\242" +"\001\177\046\304\143\365\045\102\136\142\275" +, (PRUint32)2043 } +}; +static const NSSItem nss_builtins_items_139 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS Chained CAs root", (PRUint32)21 }, + { (void *)"\310\302\137\026\236\370\120\164\325\276\350\315\242\324\074\256" +"\347\137\322\127" +, (PRUint32)20 }, + { (void *)"\215\162\121\333\240\072\317\040\167\337\362\145\006\136\337\357" +, (PRUint32)16 }, + { (void *)"\060\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023" +"\052\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040" +"\103\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157" +"\156\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006" +"\003\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141" +"\151\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151" +"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171" +"\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026" +"\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163" +, (PRUint32)288 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_140 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS CLASE1 root", (PRUint32)16 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)278 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)278 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)"\060\202\007\352\060\202\007\123\240\003\002\001\002\002\001\000" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145" +"\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102" +"\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004" +"\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040" +"\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151" +"\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004" +"\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071" +"\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023\045" +"\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103\145" +"\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150" +"\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023\045" +"\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103\145" +"\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150" +"\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206\367" +"\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056\151" +"\160\163\056\145\163\060\036\027\015\060\061\061\062\062\071\060" +"\060\065\071\063\070\132\027\015\062\065\061\062\062\067\060\060" +"\065\071\063\070\132\060\202\001\022\061\013\060\011\006\003\125" +"\004\006\023\002\105\123\061\022\060\020\006\003\125\004\010\023" +"\011\102\141\162\143\145\154\157\156\141\061\022\060\020\006\003" +"\125\004\007\023\011\102\141\162\143\145\154\157\156\141\061\056" +"\060\054\006\003\125\004\012\023\045\111\120\123\040\111\156\164" +"\145\162\156\145\164\040\160\165\142\154\151\163\150\151\156\147" +"\040\123\145\162\166\151\143\145\163\040\163\056\154\056\061\053" +"\060\051\006\003\125\004\012\024\042\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163\040\103\056\111\056\106\056\040" +"\040\102\055\066\060\071\062\071\064\065\062\061\056\060\054\006" +"\003\125\004\013\023\045\111\120\123\040\103\101\040\103\114\101" +"\123\105\061\040\103\145\162\164\151\146\151\143\141\164\151\157" +"\156\040\101\165\164\150\157\162\151\164\171\061\056\060\054\006" +"\003\125\004\003\023\045\111\120\123\040\103\101\040\103\114\101" +"\123\105\061\040\103\145\162\164\151\146\151\143\141\164\151\157" +"\156\040\101\165\164\150\157\162\151\164\171\061\036\060\034\006" +"\011\052\206\110\206\367\015\001\011\001\026\017\151\160\163\100" +"\155\141\151\154\056\151\160\163\056\145\163\060\201\237\060\015" +"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215" +"\000\060\201\211\002\201\201\000\340\121\047\247\013\335\257\321" +"\271\103\133\202\067\105\126\162\357\232\266\302\022\357\054\022" +"\314\166\371\006\131\257\135\041\324\322\132\270\240\324\363\152" +"\375\312\151\215\146\110\367\164\346\356\066\275\350\226\221\165" +"\246\161\050\312\347\042\022\062\151\260\076\036\153\364\120\122" +"\142\142\375\143\073\175\176\354\356\070\352\142\364\154\250\161" +"\215\341\351\213\311\077\306\265\315\224\102\157\335\202\105\074" +"\350\337\011\350\357\012\125\251\126\107\141\114\111\144\163\020" +"\050\077\312\277\011\377\306\057\002\003\001\000\001\243\202\004" +"\112\060\202\004\106\060\035\006\003\125\035\016\004\026\004\024" +"\353\263\031\171\363\301\245\034\254\334\272\037\146\242\262\233" +"\151\320\170\010\060\202\001\104\006\003\125\035\043\004\202\001" +"\073\060\202\001\067\200\024\353\263\031\171\363\301\245\034\254" +"\334\272\037\146\242\262\233\151\320\170\010\241\202\001\032\244" +"\202\001\026\060\202\001\022\061\013\060\011\006\003\125\004\006" +"\023\002\105\123\061\022\060\020\006\003\125\004\010\023\011\102" +"\141\162\143\145\154\157\156\141\061\022\060\020\006\003\125\004" +"\007\023\011\102\141\162\143\145\154\157\156\141\061\056\060\054" +"\006\003\125\004\012\023\045\111\120\123\040\111\156\164\145\162" +"\156\145\164\040\160\165\142\154\151\163\150\151\156\147\040\123" +"\145\162\166\151\143\145\163\040\163\056\154\056\061\053\060\051" +"\006\003\125\004\012\024\042\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163\040\103\056\111\056\106\056\040\040\102" +"\055\066\060\071\062\071\064\065\062\061\056\060\054\006\003\125" +"\004\013\023\045\111\120\123\040\103\101\040\103\114\101\123\105" +"\061\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040" +"\101\165\164\150\157\162\151\164\171\061\056\060\054\006\003\125" +"\004\003\023\045\111\120\123\040\103\101\040\103\114\101\123\105" +"\061\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040" +"\101\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052" +"\206\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141" +"\151\154\056\151\160\163\056\145\163\202\001\000\060\014\006\003" +"\125\035\023\004\005\060\003\001\001\377\060\014\006\003\125\035" +"\017\004\005\003\003\007\377\200\060\153\006\003\125\035\045\004" +"\144\060\142\006\010\053\006\001\005\005\007\003\001\006\010\053" +"\006\001\005\005\007\003\002\006\010\053\006\001\005\005\007\003" +"\003\006\010\053\006\001\005\005\007\003\004\006\010\053\006\001" +"\005\005\007\003\010\006\012\053\006\001\004\001\202\067\002\001" +"\025\006\012\053\006\001\004\001\202\067\002\001\026\006\012\053" +"\006\001\004\001\202\067\012\003\001\006\012\053\006\001\004\001" +"\202\067\012\003\004\060\021\006\011\140\206\110\001\206\370\102" +"\001\001\004\004\003\002\000\007\060\032\006\003\125\035\021\004" +"\023\060\021\201\017\151\160\163\100\155\141\151\154\056\151\160" +"\163\056\145\163\060\032\006\003\125\035\022\004\023\060\021\201" +"\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163" +"\060\101\006\011\140\206\110\001\206\370\102\001\015\004\064\026" +"\062\103\114\101\123\105\061\040\103\101\040\103\145\162\164\151" +"\146\151\143\141\164\145\040\151\163\163\165\145\144\040\142\171" +"\040\150\164\164\160\072\057\057\167\167\167\056\151\160\163\056" +"\145\163\057\060\051\006\011\140\206\110\001\206\370\102\001\002" +"\004\034\026\032\150\164\164\160\072\057\057\167\167\167\056\151" +"\160\163\056\145\163\057\151\160\163\062\060\060\062\057\060\072" +"\006\011\140\206\110\001\206\370\102\001\004\004\055\026\053\150" +"\164\164\160\072\057\057\167\167\167\056\151\160\163\056\145\163" +"\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062" +"\103\114\101\123\105\061\056\143\162\154\060\077\006\011\140\206" +"\110\001\206\370\102\001\003\004\062\026\060\150\164\164\160\072" +"\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163" +"\062\060\060\062\057\162\145\166\157\143\141\164\151\157\156\103" +"\114\101\123\105\061\056\150\164\155\154\077\060\074\006\011\140" +"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160" +"\072\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160" +"\163\062\060\060\062\057\162\145\156\145\167\141\154\103\114\101" +"\123\105\061\056\150\164\155\154\077\060\072\006\011\140\206\110" +"\001\206\370\102\001\010\004\055\026\053\150\164\164\160\072\057" +"\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163\062" +"\060\060\062\057\160\157\154\151\143\171\103\114\101\123\105\061" +"\056\150\164\155\154\060\163\006\003\125\035\037\004\154\060\152" +"\060\061\240\057\240\055\206\053\150\164\164\160\072\057\057\167" +"\167\167\056\151\160\163\056\145\163\057\151\160\163\062\060\060" +"\062\057\151\160\163\062\060\060\062\103\114\101\123\105\061\056" +"\143\162\154\060\065\240\063\240\061\206\057\150\164\164\160\072" +"\057\057\167\167\167\142\141\143\153\056\151\160\163\056\145\163" +"\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062" +"\103\114\101\123\105\061\056\143\162\154\060\057\006\010\053\006" +"\001\005\005\007\001\001\004\043\060\041\060\037\006\010\053\006" +"\001\005\005\007\060\001\206\023\150\164\164\160\072\057\057\157" +"\143\163\160\056\151\160\163\056\145\163\057\060\015\006\011\052" +"\206\110\206\367\015\001\001\005\005\000\003\201\201\000\053\320" +"\353\375\332\310\312\131\152\332\323\314\062\056\311\124\033\212" +"\142\176\025\055\351\331\061\323\056\364\047\043\377\133\253\305" +"\112\266\162\100\256\123\164\364\274\005\264\306\331\310\311\167" +"\373\267\371\064\177\170\000\370\326\244\344\122\077\054\112\143" +"\127\201\165\132\216\350\214\373\002\300\224\306\051\272\263\334" +"\034\350\262\257\322\056\142\133\032\251\216\016\314\305\127\105" +"\121\024\351\116\034\210\245\221\364\243\367\216\121\310\251\276" +"\206\063\076\346\057\110\156\257\124\220\116\255\261\045" +, (PRUint32)2030 } +}; +static const NSSItem nss_builtins_items_141 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS CLASE1 root", (PRUint32)16 }, + { (void *)"\103\236\122\137\132\152\107\303\054\353\304\134\143\355\071\061" +"\174\345\364\337" +, (PRUint32)20 }, + { (void *)"\204\220\035\225\060\111\126\374\101\201\360\105\327\166\304\153" +, (PRUint32)16 }, + { (void *)"\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)278 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_142 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS CLASE3 root", (PRUint32)16 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)278 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)278 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)"\060\202\007\352\060\202\007\123\240\003\002\001\002\002\001\000" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145" +"\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102" +"\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004" +"\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040" +"\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151" +"\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004" +"\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071" +"\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023\045" +"\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103\145" +"\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150" +"\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023\045" +"\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103\145" +"\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150" +"\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206\367" +"\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056\151" +"\160\163\056\145\163\060\036\027\015\060\061\061\062\062\071\060" +"\061\060\061\064\064\132\027\015\062\065\061\062\062\067\060\061" +"\060\061\064\064\132\060\202\001\022\061\013\060\011\006\003\125" +"\004\006\023\002\105\123\061\022\060\020\006\003\125\004\010\023" +"\011\102\141\162\143\145\154\157\156\141\061\022\060\020\006\003" +"\125\004\007\023\011\102\141\162\143\145\154\157\156\141\061\056" +"\060\054\006\003\125\004\012\023\045\111\120\123\040\111\156\164" +"\145\162\156\145\164\040\160\165\142\154\151\163\150\151\156\147" +"\040\123\145\162\166\151\143\145\163\040\163\056\154\056\061\053" +"\060\051\006\003\125\004\012\024\042\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163\040\103\056\111\056\106\056\040" +"\040\102\055\066\060\071\062\071\064\065\062\061\056\060\054\006" +"\003\125\004\013\023\045\111\120\123\040\103\101\040\103\114\101" +"\123\105\063\040\103\145\162\164\151\146\151\143\141\164\151\157" +"\156\040\101\165\164\150\157\162\151\164\171\061\056\060\054\006" +"\003\125\004\003\023\045\111\120\123\040\103\101\040\103\114\101" +"\123\105\063\040\103\145\162\164\151\146\151\143\141\164\151\157" +"\156\040\101\165\164\150\157\162\151\164\171\061\036\060\034\006" +"\011\052\206\110\206\367\015\001\011\001\026\017\151\160\163\100" +"\155\141\151\154\056\151\160\163\056\145\163\060\201\237\060\015" +"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215" +"\000\060\201\211\002\201\201\000\253\027\376\016\260\306\150\033" +"\123\360\122\276\237\372\332\372\213\023\004\273\001\217\062\331" +"\037\217\115\316\066\230\332\344\000\104\214\050\330\023\104\052" +"\244\153\116\027\044\102\234\323\210\244\101\202\326\043\373\213" +"\311\206\345\271\251\202\005\334\361\336\037\340\014\231\125\230" +"\362\070\354\154\235\040\003\300\357\252\243\306\144\004\121\055" +"\170\015\243\322\250\072\326\044\114\351\226\172\030\254\023\043" +"\042\033\174\350\061\021\263\137\011\252\060\160\161\106\045\153" +"\111\161\200\053\225\001\262\037\002\003\001\000\001\243\202\004" +"\112\060\202\004\106\060\035\006\003\125\035\016\004\026\004\024" +"\270\223\377\056\313\334\054\216\242\347\172\376\066\121\041\243" +"\230\133\014\064\060\202\001\104\006\003\125\035\043\004\202\001" +"\073\060\202\001\067\200\024\270\223\377\056\313\334\054\216\242" +"\347\172\376\066\121\041\243\230\133\014\064\241\202\001\032\244" +"\202\001\026\060\202\001\022\061\013\060\011\006\003\125\004\006" +"\023\002\105\123\061\022\060\020\006\003\125\004\010\023\011\102" +"\141\162\143\145\154\157\156\141\061\022\060\020\006\003\125\004" +"\007\023\011\102\141\162\143\145\154\157\156\141\061\056\060\054" +"\006\003\125\004\012\023\045\111\120\123\040\111\156\164\145\162" +"\156\145\164\040\160\165\142\154\151\163\150\151\156\147\040\123" +"\145\162\166\151\143\145\163\040\163\056\154\056\061\053\060\051" +"\006\003\125\004\012\024\042\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163\040\103\056\111\056\106\056\040\040\102" +"\055\066\060\071\062\071\064\065\062\061\056\060\054\006\003\125" +"\004\013\023\045\111\120\123\040\103\101\040\103\114\101\123\105" +"\063\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040" +"\101\165\164\150\157\162\151\164\171\061\056\060\054\006\003\125" +"\004\003\023\045\111\120\123\040\103\101\040\103\114\101\123\105" +"\063\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040" +"\101\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052" +"\206\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141" +"\151\154\056\151\160\163\056\145\163\202\001\000\060\014\006\003" +"\125\035\023\004\005\060\003\001\001\377\060\014\006\003\125\035" +"\017\004\005\003\003\007\377\200\060\153\006\003\125\035\045\004" +"\144\060\142\006\010\053\006\001\005\005\007\003\001\006\010\053" +"\006\001\005\005\007\003\002\006\010\053\006\001\005\005\007\003" +"\003\006\010\053\006\001\005\005\007\003\004\006\010\053\006\001" +"\005\005\007\003\010\006\012\053\006\001\004\001\202\067\002\001" +"\025\006\012\053\006\001\004\001\202\067\002\001\026\006\012\053" +"\006\001\004\001\202\067\012\003\001\006\012\053\006\001\004\001" +"\202\067\012\003\004\060\021\006\011\140\206\110\001\206\370\102" +"\001\001\004\004\003\002\000\007\060\032\006\003\125\035\021\004" +"\023\060\021\201\017\151\160\163\100\155\141\151\154\056\151\160" +"\163\056\145\163\060\032\006\003\125\035\022\004\023\060\021\201" +"\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163" +"\060\101\006\011\140\206\110\001\206\370\102\001\015\004\064\026" +"\062\103\114\101\123\105\063\040\103\101\040\103\145\162\164\151" +"\146\151\143\141\164\145\040\151\163\163\165\145\144\040\142\171" +"\040\150\164\164\160\072\057\057\167\167\167\056\151\160\163\056" +"\145\163\057\060\051\006\011\140\206\110\001\206\370\102\001\002" +"\004\034\026\032\150\164\164\160\072\057\057\167\167\167\056\151" +"\160\163\056\145\163\057\151\160\163\062\060\060\062\057\060\072" +"\006\011\140\206\110\001\206\370\102\001\004\004\055\026\053\150" +"\164\164\160\072\057\057\167\167\167\056\151\160\163\056\145\163" +"\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062" +"\103\114\101\123\105\063\056\143\162\154\060\077\006\011\140\206" +"\110\001\206\370\102\001\003\004\062\026\060\150\164\164\160\072" +"\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163" +"\062\060\060\062\057\162\145\166\157\143\141\164\151\157\156\103" +"\114\101\123\105\063\056\150\164\155\154\077\060\074\006\011\140" +"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160" +"\072\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160" +"\163\062\060\060\062\057\162\145\156\145\167\141\154\103\114\101" +"\123\105\063\056\150\164\155\154\077\060\072\006\011\140\206\110" +"\001\206\370\102\001\010\004\055\026\053\150\164\164\160\072\057" +"\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163\062" +"\060\060\062\057\160\157\154\151\143\171\103\114\101\123\105\063" +"\056\150\164\155\154\060\163\006\003\125\035\037\004\154\060\152" +"\060\061\240\057\240\055\206\053\150\164\164\160\072\057\057\167" +"\167\167\056\151\160\163\056\145\163\057\151\160\163\062\060\060" +"\062\057\151\160\163\062\060\060\062\103\114\101\123\105\063\056" +"\143\162\154\060\065\240\063\240\061\206\057\150\164\164\160\072" +"\057\057\167\167\167\142\141\143\153\056\151\160\163\056\145\163" +"\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062" +"\103\114\101\123\105\063\056\143\162\154\060\057\006\010\053\006" +"\001\005\005\007\001\001\004\043\060\041\060\037\006\010\053\006" +"\001\005\005\007\060\001\206\023\150\164\164\160\072\057\057\157" +"\143\163\160\056\151\160\163\056\145\163\057\060\015\006\011\052" +"\206\110\206\367\015\001\001\005\005\000\003\201\201\000\027\145" +"\134\231\225\103\003\047\257\046\345\353\320\263\027\043\367\103" +"\252\307\360\175\354\017\306\251\256\256\226\017\166\051\034\342" +"\006\055\176\046\305\074\372\241\301\201\316\123\260\102\321\227" +"\127\032\027\176\244\121\141\306\356\351\136\357\005\272\353\275" +"\017\247\222\157\330\243\006\150\051\216\171\365\377\277\371\247" +"\257\344\261\316\302\321\200\102\047\005\004\064\370\303\177\026" +"\170\043\014\007\044\362\106\107\255\073\124\320\257\325\061\262" +"\257\175\310\352\351\324\126\331\016\023\262\305\105\120" +, (PRUint32)2030 } +}; +static const NSSItem nss_builtins_items_143 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS CLASE3 root", (PRUint32)16 }, + { (void *)"\101\170\253\114\277\316\173\101\002\254\332\304\223\076\157\365" +"\015\317\161\134" +, (PRUint32)20 }, + { (void *)"\102\166\227\150\317\246\264\070\044\252\241\033\362\147\336\312" +, (PRUint32)16 }, + { (void *)"\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023" +"\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)278 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_144 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS CLASEA1 root", (PRUint32)17 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023" +"\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003" +"\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061" +"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101" +"\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206" +"\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163" +, (PRUint32)280 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023" +"\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003" +"\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061" +"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101" +"\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206" +"\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163" +, (PRUint32)280 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)"\060\202\007\367\060\202\007\140\240\003\002\001\002\002\001\000" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145" +"\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102" +"\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004" +"\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040" +"\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151" +"\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004" +"\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071" +"\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023\046" +"\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003\023" +"\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110" +"\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154" +"\056\151\160\163\056\145\163\060\036\027\015\060\061\061\062\062" +"\071\060\061\060\065\063\062\132\027\015\062\065\061\062\062\067" +"\060\061\060\065\063\062\132\060\202\001\024\061\013\060\011\006" +"\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004" +"\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020" +"\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141" +"\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111" +"\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151" +"\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056" +"\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155" +"\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106" +"\056\040\040\102\055\066\060\071\062\071\064\065\062\061\057\060" +"\055\006\003\125\004\013\023\046\111\120\123\040\103\101\040\103" +"\114\101\123\105\101\061\040\103\145\162\164\151\146\151\143\141" +"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\057" +"\060\055\006\003\125\004\003\023\046\111\120\123\040\103\101\040" +"\103\114\101\123\105\101\061\040\103\145\162\164\151\146\151\143" +"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061" +"\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017" +"\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060" +"\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005" +"\000\003\201\215\000\060\201\211\002\201\201\000\273\060\327\334" +"\320\124\275\065\116\237\305\114\202\352\321\120\074\107\230\374" +"\233\151\235\167\315\156\340\077\356\353\062\137\137\237\322\320" +"\171\345\225\163\104\041\062\340\012\333\235\327\316\215\253\122" +"\213\053\170\340\233\133\175\364\375\155\011\345\256\341\154\035" +"\007\043\240\027\321\371\175\250\106\106\221\042\250\262\151\306" +"\255\367\365\365\224\241\060\224\275\000\314\104\177\356\304\236" +"\311\301\346\217\012\066\301\375\044\075\001\240\365\173\342\174" +"\170\146\103\213\117\131\362\233\331\372\111\263\002\003\001\000" +"\001\243\202\004\123\060\202\004\117\060\035\006\003\125\035\016" +"\004\026\004\024\147\046\226\347\241\277\330\265\003\235\376\073" +"\334\376\362\212\346\025\335\060\060\202\001\106\006\003\125\035" +"\043\004\202\001\075\060\202\001\071\200\024\147\046\226\347\241" +"\277\330\265\003\235\376\073\334\376\362\212\346\025\335\060\241" +"\202\001\034\244\202\001\030\060\202\001\024\061\013\060\011\006" +"\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004" +"\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020" +"\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141" +"\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111" +"\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151" +"\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056" +"\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155" +"\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106" +"\056\040\040\102\055\066\060\071\062\071\064\065\062\061\057\060" +"\055\006\003\125\004\013\023\046\111\120\123\040\103\101\040\103" +"\114\101\123\105\101\061\040\103\145\162\164\151\146\151\143\141" +"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\057" +"\060\055\006\003\125\004\003\023\046\111\120\123\040\103\101\040" +"\103\114\101\123\105\101\061\040\103\145\162\164\151\146\151\143" +"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061" +"\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017" +"\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\202" +"\001\000\060\014\006\003\125\035\023\004\005\060\003\001\001\377" +"\060\014\006\003\125\035\017\004\005\003\003\007\377\200\060\153" +"\006\003\125\035\045\004\144\060\142\006\010\053\006\001\005\005" +"\007\003\001\006\010\053\006\001\005\005\007\003\002\006\010\053" +"\006\001\005\005\007\003\003\006\010\053\006\001\005\005\007\003" +"\004\006\010\053\006\001\005\005\007\003\010\006\012\053\006\001" +"\004\001\202\067\002\001\025\006\012\053\006\001\004\001\202\067" +"\002\001\026\006\012\053\006\001\004\001\202\067\012\003\001\006" +"\012\053\006\001\004\001\202\067\012\003\004\060\021\006\011\140" +"\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\032" +"\006\003\125\035\021\004\023\060\021\201\017\151\160\163\100\155" +"\141\151\154\056\151\160\163\056\145\163\060\032\006\003\125\035" +"\022\004\023\060\021\201\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163\060\102\006\011\140\206\110\001\206\370" +"\102\001\015\004\065\026\063\103\114\101\123\105\101\061\040\103" +"\101\040\103\145\162\164\151\146\151\143\141\164\145\040\151\163" +"\163\165\145\144\040\142\171\040\150\164\164\160\072\057\057\167" +"\167\167\056\151\160\163\056\145\163\057\060\051\006\011\140\206" +"\110\001\206\370\102\001\002\004\034\026\032\150\164\164\160\072" +"\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163" +"\062\060\060\062\057\060\073\006\011\140\206\110\001\206\370\102" +"\001\004\004\056\026\054\150\164\164\160\072\057\057\167\167\167" +"\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057" +"\151\160\163\062\060\060\062\103\114\101\123\105\101\061\056\143" +"\162\154\060\100\006\011\140\206\110\001\206\370\102\001\003\004" +"\063\026\061\150\164\164\160\072\057\057\167\167\167\056\151\160" +"\163\056\145\163\057\151\160\163\062\060\060\062\057\162\145\166" +"\157\143\141\164\151\157\156\103\114\101\123\105\101\061\056\150" +"\164\155\154\077\060\075\006\011\140\206\110\001\206\370\102\001" +"\007\004\060\026\056\150\164\164\160\072\057\057\167\167\167\056" +"\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057\162" +"\145\156\145\167\141\154\103\114\101\123\105\101\061\056\150\164" +"\155\154\077\060\073\006\011\140\206\110\001\206\370\102\001\010" +"\004\056\026\054\150\164\164\160\072\057\057\167\167\167\056\151" +"\160\163\056\145\163\057\151\160\163\062\060\060\062\057\160\157" +"\154\151\143\171\103\114\101\123\105\101\061\056\150\164\155\154" +"\060\165\006\003\125\035\037\004\156\060\154\060\062\240\060\240" +"\056\206\054\150\164\164\160\072\057\057\167\167\167\056\151\160" +"\163\056\145\163\057\151\160\163\062\060\060\062\057\151\160\163" +"\062\060\060\062\103\114\101\123\105\101\061\056\143\162\154\060" +"\066\240\064\240\062\206\060\150\164\164\160\072\057\057\167\167" +"\167\142\141\143\153\056\151\160\163\056\145\163\057\151\160\163" +"\062\060\060\062\057\151\160\163\062\060\060\062\103\114\101\123" +"\105\101\061\056\143\162\154\060\057\006\010\053\006\001\005\005" +"\007\001\001\004\043\060\041\060\037\006\010\053\006\001\005\005" +"\007\060\001\206\023\150\164\164\160\072\057\057\157\143\163\160" +"\056\151\160\163\056\145\163\057\060\015\006\011\052\206\110\206" +"\367\015\001\001\005\005\000\003\201\201\000\176\272\212\254\200" +"\000\204\025\012\325\230\121\014\144\305\234\002\130\203\146\312" +"\255\036\007\315\176\152\332\200\007\337\003\064\112\034\223\304" +"\113\130\040\065\066\161\355\242\012\065\022\245\246\145\247\205" +"\151\012\016\343\141\356\352\276\050\223\063\325\354\350\276\304" +"\333\137\177\250\371\143\061\310\153\226\342\051\302\133\240\347" +"\227\066\235\167\136\061\153\376\323\247\333\052\333\333\226\213" +"\037\146\336\266\003\300\053\263\170\326\125\007\345\217\071\120" +"\336\007\043\162\346\275\040\024\113\264\206" +, (PRUint32)2043 } +}; +static const NSSItem nss_builtins_items_145 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS CLASEA1 root", (PRUint32)17 }, + { (void *)"\063\243\065\302\074\350\003\113\004\341\075\345\304\216\171\032" +"\353\214\062\004" +, (PRUint32)20 }, + { (void *)"\014\370\236\027\374\324\003\275\346\215\233\074\005\207\376\204" +, (PRUint32)16 }, + { (void *)"\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023" +"\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003" +"\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061" +"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101" +"\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206" +"\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163" +, (PRUint32)280 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_146 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS CLASEA3 root", (PRUint32)17 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023" +"\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003" +"\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063" +"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101" +"\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206" +"\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163" +, (PRUint32)280 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023" +"\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003" +"\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063" +"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101" +"\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206" +"\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163" +, (PRUint32)280 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)"\060\202\007\367\060\202\007\140\240\003\002\001\002\002\001\000" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145" +"\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102" +"\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004" +"\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040" +"\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151" +"\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004" +"\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071" +"\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023\046" +"\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040\103" +"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164" +"\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003\023" +"\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110" +"\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154" +"\056\151\160\163\056\145\163\060\036\027\015\060\061\061\062\062" +"\071\060\061\060\067\065\060\132\027\015\062\065\061\062\062\067" +"\060\061\060\067\065\060\132\060\202\001\024\061\013\060\011\006" +"\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004" +"\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020" +"\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141" +"\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111" +"\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151" +"\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056" +"\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155" +"\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106" +"\056\040\040\102\055\066\060\071\062\071\064\065\062\061\057\060" +"\055\006\003\125\004\013\023\046\111\120\123\040\103\101\040\103" +"\114\101\123\105\101\063\040\103\145\162\164\151\146\151\143\141" +"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\057" +"\060\055\006\003\125\004\003\023\046\111\120\123\040\103\101\040" +"\103\114\101\123\105\101\063\040\103\145\162\164\151\146\151\143" +"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061" +"\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017" +"\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060" +"\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005" +"\000\003\201\215\000\060\201\211\002\201\201\000\356\200\000\366" +"\032\144\056\255\152\310\203\261\213\247\356\217\331\266\333\315" +"\033\273\206\006\042\166\063\014\022\155\110\126\141\322\334\202" +"\045\142\057\237\322\151\060\145\003\102\043\130\274\107\334\153" +"\326\165\135\027\074\341\377\362\130\147\171\240\301\201\261\324" +"\126\242\362\215\021\231\375\366\175\361\307\304\136\002\052\232" +"\342\112\265\023\212\000\375\214\167\206\346\327\224\365\040\165" +"\056\016\114\277\164\304\077\201\076\203\264\243\070\066\051\347" +"\350\052\365\214\210\101\252\200\246\343\154\357\002\003\001\000" +"\001\243\202\004\123\060\202\004\117\060\035\006\003\125\035\016" +"\004\026\004\024\036\237\127\120\107\266\141\223\071\323\054\374" +"\332\135\075\005\165\267\231\002\060\202\001\106\006\003\125\035" +"\043\004\202\001\075\060\202\001\071\200\024\036\237\127\120\107" +"\266\141\223\071\323\054\374\332\135\075\005\165\267\231\002\241" +"\202\001\034\244\202\001\030\060\202\001\024\061\013\060\011\006" +"\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004" +"\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020" +"\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141" +"\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111" +"\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151" +"\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056" +"\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155" +"\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106" +"\056\040\040\102\055\066\060\071\062\071\064\065\062\061\057\060" +"\055\006\003\125\004\013\023\046\111\120\123\040\103\101\040\103" +"\114\101\123\105\101\063\040\103\145\162\164\151\146\151\143\141" +"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\057" +"\060\055\006\003\125\004\003\023\046\111\120\123\040\103\101\040" +"\103\114\101\123\105\101\063\040\103\145\162\164\151\146\151\143" +"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061" +"\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017" +"\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\202" +"\001\000\060\014\006\003\125\035\023\004\005\060\003\001\001\377" +"\060\014\006\003\125\035\017\004\005\003\003\007\377\200\060\153" +"\006\003\125\035\045\004\144\060\142\006\010\053\006\001\005\005" +"\007\003\001\006\010\053\006\001\005\005\007\003\002\006\010\053" +"\006\001\005\005\007\003\003\006\010\053\006\001\005\005\007\003" +"\004\006\010\053\006\001\005\005\007\003\010\006\012\053\006\001" +"\004\001\202\067\002\001\025\006\012\053\006\001\004\001\202\067" +"\002\001\026\006\012\053\006\001\004\001\202\067\012\003\001\006" +"\012\053\006\001\004\001\202\067\012\003\004\060\021\006\011\140" +"\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\032" +"\006\003\125\035\021\004\023\060\021\201\017\151\160\163\100\155" +"\141\151\154\056\151\160\163\056\145\163\060\032\006\003\125\035" +"\022\004\023\060\021\201\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163\060\102\006\011\140\206\110\001\206\370" +"\102\001\015\004\065\026\063\103\114\101\123\105\101\063\040\103" +"\101\040\103\145\162\164\151\146\151\143\141\164\145\040\151\163" +"\163\165\145\144\040\142\171\040\150\164\164\160\072\057\057\167" +"\167\167\056\151\160\163\056\145\163\057\060\051\006\011\140\206" +"\110\001\206\370\102\001\002\004\034\026\032\150\164\164\160\072" +"\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163" +"\062\060\060\062\057\060\073\006\011\140\206\110\001\206\370\102" +"\001\004\004\056\026\054\150\164\164\160\072\057\057\167\167\167" +"\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057" +"\151\160\163\062\060\060\062\103\114\101\123\105\101\063\056\143" +"\162\154\060\100\006\011\140\206\110\001\206\370\102\001\003\004" +"\063\026\061\150\164\164\160\072\057\057\167\167\167\056\151\160" +"\163\056\145\163\057\151\160\163\062\060\060\062\057\162\145\166" +"\157\143\141\164\151\157\156\103\114\101\123\105\101\063\056\150" +"\164\155\154\077\060\075\006\011\140\206\110\001\206\370\102\001" +"\007\004\060\026\056\150\164\164\160\072\057\057\167\167\167\056" +"\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057\162" +"\145\156\145\167\141\154\103\114\101\123\105\101\063\056\150\164" +"\155\154\077\060\073\006\011\140\206\110\001\206\370\102\001\010" +"\004\056\026\054\150\164\164\160\072\057\057\167\167\167\056\151" +"\160\163\056\145\163\057\151\160\163\062\060\060\062\057\160\157" +"\154\151\143\171\103\114\101\123\105\101\063\056\150\164\155\154" +"\060\165\006\003\125\035\037\004\156\060\154\060\062\240\060\240" +"\056\206\054\150\164\164\160\072\057\057\167\167\167\056\151\160" +"\163\056\145\163\057\151\160\163\062\060\060\062\057\151\160\163" +"\062\060\060\062\103\114\101\123\105\101\063\056\143\162\154\060" +"\066\240\064\240\062\206\060\150\164\164\160\072\057\057\167\167" +"\167\142\141\143\153\056\151\160\163\056\145\163\057\151\160\163" +"\062\060\060\062\057\151\160\163\062\060\060\062\103\114\101\123" +"\105\101\063\056\143\162\154\060\057\006\010\053\006\001\005\005" +"\007\001\001\004\043\060\041\060\037\006\010\053\006\001\005\005" +"\007\060\001\206\023\150\164\164\160\072\057\057\157\143\163\160" +"\056\151\160\163\056\145\163\057\060\015\006\011\052\206\110\206" +"\367\015\001\001\005\005\000\003\201\201\000\112\075\040\107\032" +"\332\211\364\172\053\061\171\354\001\300\314\001\365\326\301\374" +"\310\303\363\120\002\121\220\130\052\237\347\065\011\133\060\012" +"\201\000\045\107\257\324\017\016\236\140\046\250\225\247\203\010" +"\337\055\254\351\016\367\234\310\237\313\223\105\361\272\152\306" +"\147\121\112\151\117\153\376\175\013\057\122\051\302\120\255\044" +"\104\355\043\263\110\313\104\100\301\003\225\014\012\170\006\022" +"\001\365\221\061\055\111\215\273\077\105\116\054\340\350\315\265" +"\311\024\025\014\343\007\203\233\046\165\357" +, (PRUint32)2043 } +}; +static const NSSItem nss_builtins_items_147 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS CLASEA3 root", (PRUint32)17 }, + { (void *)"\026\324\044\376\226\020\341\165\031\257\043\053\266\207\164\342" +"\101\104\276\156" +, (PRUint32)20 }, + { (void *)"\006\371\353\354\314\126\235\210\272\220\365\272\260\032\340\002" +, (PRUint32)16 }, + { (void *)"\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023" +"\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003" +"\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063" +"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101" +"\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206" +"\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163" +, (PRUint32)280 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_148 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS Servidores root", (PRUint32)20 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\101\122\103\105" +"\114\117\116\101\061\022\060\020\006\003\125\004\007\023\011\102" +"\101\122\103\105\114\117\116\101\061\031\060\027\006\003\125\004" +"\012\023\020\111\120\123\040\123\145\147\165\162\151\144\141\144" +"\040\103\101\061\030\060\026\006\003\125\004\013\023\017\103\145" +"\162\164\151\146\151\143\141\143\151\157\156\145\163\061\027\060" +"\025\006\003\125\004\003\023\016\111\120\123\040\123\105\122\126" +"\111\104\117\122\105\123\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)166 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\101\122\103\105" +"\114\117\116\101\061\022\060\020\006\003\125\004\007\023\011\102" +"\101\122\103\105\114\117\116\101\061\031\060\027\006\003\125\004" +"\012\023\020\111\120\123\040\123\145\147\165\162\151\144\141\144" +"\040\103\101\061\030\060\026\006\003\125\004\013\023\017\103\145" +"\162\164\151\146\151\143\141\143\151\157\156\145\163\061\027\060" +"\025\006\003\125\004\003\023\016\111\120\123\040\123\105\122\126" +"\111\104\117\122\105\123\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)166 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)"\060\202\002\267\060\202\002\040\002\001\000\060\015\006\011\052" +"\206\110\206\367\015\001\001\004\005\000\060\201\243\061\013\060" +"\011\006\003\125\004\006\023\002\105\123\061\022\060\020\006\003" +"\125\004\010\023\011\102\101\122\103\105\114\117\116\101\061\022" +"\060\020\006\003\125\004\007\023\011\102\101\122\103\105\114\117" +"\116\101\061\031\060\027\006\003\125\004\012\023\020\111\120\123" +"\040\123\145\147\165\162\151\144\141\144\040\103\101\061\030\060" +"\026\006\003\125\004\013\023\017\103\145\162\164\151\146\151\143" +"\141\143\151\157\156\145\163\061\027\060\025\006\003\125\004\003" +"\023\016\111\120\123\040\123\105\122\126\111\104\117\122\105\123" +"\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026" +"\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163" +"\060\036\027\015\071\070\060\061\060\061\062\063\062\061\060\067" +"\132\027\015\060\071\061\062\062\071\062\063\062\061\060\067\132" +"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\101\122\103\105" +"\114\117\116\101\061\022\060\020\006\003\125\004\007\023\011\102" +"\101\122\103\105\114\117\116\101\061\031\060\027\006\003\125\004" +"\012\023\020\111\120\123\040\123\145\147\165\162\151\144\141\144" +"\040\103\101\061\030\060\026\006\003\125\004\013\023\017\103\145" +"\162\164\151\146\151\143\141\143\151\157\156\145\163\061\027\060" +"\025\006\003\125\004\003\023\016\111\120\123\040\123\105\122\126" +"\111\104\117\122\105\123\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163\060\201\237\060\015\006\011\052\206\110" +"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002" +"\201\201\000\254\117\122\164\237\071\352\216\334\045\304\274\230" +"\135\230\144\044\011\074\041\263\314\031\265\216\224\216\207\321" +"\370\067\076\241\310\055\130\244\200\065\133\241\165\154\035\105" +"\014\037\141\143\152\136\157\233\012\114\301\310\270\141\043\065" +"\201\377\376\254\170\160\055\150\341\072\007\230\225\002\124\335" +"\315\043\267\200\123\327\310\067\105\162\006\044\022\272\023\141" +"\041\212\156\165\050\340\305\017\064\375\066\330\105\177\341\270" +"\066\357\263\341\306\040\216\350\264\070\274\341\076\366\021\336" +"\214\235\001\002\003\001\000\001\060\015\006\011\052\206\110\206" +"\367\015\001\001\004\005\000\003\201\201\000\054\363\303\171\130" +"\044\336\306\073\321\340\102\151\270\356\144\263\075\142\001\271" +"\263\204\337\043\175\335\230\317\020\251\376\000\330\042\226\005" +"\023\007\124\127\305\247\336\313\331\270\210\102\366\231\333\024" +"\167\037\266\376\045\075\341\242\076\003\251\201\322\055\154\107" +"\365\226\106\214\042\253\310\314\015\016\227\136\213\101\264\073" +"\304\012\006\100\035\335\106\364\001\335\272\202\056\074\075\170" +"\160\236\174\030\320\253\370\270\167\007\106\161\361\312\013\143" +"\134\152\371\162\224\325\001\117\240\333\102" +, (PRUint32)699 } +}; +static const NSSItem nss_builtins_items_149 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS Servidores root", (PRUint32)20 }, + { (void *)"\044\272\155\154\212\133\130\067\244\215\265\372\351\031\352\147" +"\134\224\322\027" +, (PRUint32)20 }, + { (void *)"\173\265\010\231\232\214\030\277\205\047\175\016\256\332\262\253" +, (PRUint32)16 }, + { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\101\122\103\105" +"\114\117\116\101\061\022\060\020\006\003\125\004\007\023\011\102" +"\101\122\103\105\114\117\116\101\061\031\060\027\006\003\125\004" +"\012\023\020\111\120\123\040\123\145\147\165\162\151\144\141\144" +"\040\103\101\061\030\060\026\006\003\125\004\013\023\017\103\145" +"\162\164\151\146\151\143\141\143\151\157\156\145\163\061\027\060" +"\025\006\003\125\004\003\023\016\111\120\123\040\123\105\122\126" +"\111\104\117\122\105\123\061\036\060\034\006\011\052\206\110\206" +"\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056" +"\151\160\163\056\145\163" +, (PRUint32)166 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; +static const NSSItem nss_builtins_items_150 [] = { + { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS Timestamping root", (PRUint32)22 }, + { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, + { (void *)"\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\064\060\062\006\003\125\004\013\023" +"\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141\155" +"\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164\151" +"\157\156\040\101\165\164\150\157\162\151\164\171\061\064\060\062" +"\006\003\125\004\003\023\053\111\120\123\040\103\101\040\124\151" +"\155\145\163\164\141\155\160\151\156\147\040\103\145\162\164\151" +"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151" +"\164\171\061\036\060\034\006\011\052\206\110\206\367\015\001\011" +"\001\026\017\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163" +, (PRUint32)290 }, + { (void *)"0", (PRUint32)2 }, + { (void *)"\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\064\060\062\006\003\125\004\013\023" +"\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141\155" +"\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164\151" +"\157\156\040\101\165\164\150\157\162\151\164\171\061\064\060\062" +"\006\003\125\004\003\023\053\111\120\123\040\103\101\040\124\151" +"\155\145\163\164\141\155\160\151\156\147\040\103\145\162\164\151" +"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151" +"\164\171\061\036\060\034\006\011\052\206\110\206\367\015\001\011" +"\001\026\017\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163" +, (PRUint32)290 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)"\060\202\010\070\060\202\007\241\240\003\002\001\002\002\001\000" +"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" +"\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105\123" +"\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145" +"\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102" +"\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004" +"\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040" +"\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151" +"\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004" +"\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071" +"\062\071\064\065\062\061\064\060\062\006\003\125\004\013\023\053" +"\111\120\123\040\103\101\040\124\151\155\145\163\164\141\155\160" +"\151\156\147\040\103\145\162\164\151\146\151\143\141\164\151\157" +"\156\040\101\165\164\150\157\162\151\164\171\061\064\060\062\006" +"\003\125\004\003\023\053\111\120\123\040\103\101\040\124\151\155" +"\145\163\164\141\155\160\151\156\147\040\103\145\162\164\151\146" +"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164" +"\171\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001" +"\026\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145" +"\163\060\036\027\015\060\061\061\062\062\071\060\061\061\060\061" +"\070\132\027\015\062\065\061\062\062\067\060\061\061\060\061\070" +"\132\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002" +"\105\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162" +"\143\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023" +"\011\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003" +"\125\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145" +"\164\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162" +"\166\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003" +"\125\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160" +"\163\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066" +"\060\071\062\071\064\065\062\061\064\060\062\006\003\125\004\013" +"\023\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141" +"\155\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164" +"\151\157\156\040\101\165\164\150\157\162\151\164\171\061\064\060" +"\062\006\003\125\004\003\023\053\111\120\123\040\103\101\040\124" +"\151\155\145\163\164\141\155\160\151\156\147\040\103\145\162\164" +"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162" +"\151\164\171\061\036\060\034\006\011\052\206\110\206\367\015\001" +"\011\001\026\017\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\060\201\237\060\015\006\011\052\206\110\206\367\015" +"\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000" +"\274\270\356\126\245\232\214\346\066\311\302\142\240\146\201\215" +"\032\325\172\322\163\237\016\204\144\272\225\264\220\247\170\257" +"\312\376\124\141\133\316\262\040\127\001\256\104\222\103\020\070" +"\021\367\150\374\027\100\245\150\047\062\073\304\247\346\102\161" +"\305\231\357\166\377\053\225\044\365\111\222\030\150\312\000\265" +"\244\132\057\156\313\326\033\054\015\124\147\153\172\051\241\130" +"\253\242\132\000\326\133\273\030\302\337\366\036\023\126\166\233" +"\245\150\342\230\316\306\003\212\064\333\114\203\101\246\251\243" +"\002\003\001\000\001\243\202\004\200\060\202\004\174\060\035\006" +"\003\125\035\016\004\026\004\024\213\320\020\120\011\201\362\235" +"\011\325\016\140\170\003\042\242\077\310\312\146\060\202\001\120" +"\006\003\125\035\043\004\202\001\107\060\202\001\103\200\024\213" +"\320\020\120\011\201\362\235\011\325\016\140\170\003\042\242\077" +"\310\312\146\241\202\001\046\244\202\001\042\060\202\001\036\061" +"\013\060\011\006\003\125\004\006\023\002\105\123\061\022\060\020" +"\006\003\125\004\010\023\011\102\141\162\143\145\154\157\156\141" +"\061\022\060\020\006\003\125\004\007\023\011\102\141\162\143\145" +"\154\157\156\141\061\056\060\054\006\003\125\004\012\023\045\111" +"\120\123\040\111\156\164\145\162\156\145\164\040\160\165\142\154" +"\151\163\150\151\156\147\040\123\145\162\166\151\143\145\163\040" +"\163\056\154\056\061\053\060\051\006\003\125\004\012\024\042\151" +"\160\163\100\155\141\151\154\056\151\160\163\056\145\163\040\103" +"\056\111\056\106\056\040\040\102\055\066\060\071\062\071\064\065" +"\062\061\064\060\062\006\003\125\004\013\023\053\111\120\123\040" +"\103\101\040\124\151\155\145\163\164\141\155\160\151\156\147\040" +"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165" +"\164\150\157\162\151\164\171\061\064\060\062\006\003\125\004\003" +"\023\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141" +"\155\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164" +"\151\157\156\040\101\165\164\150\157\162\151\164\171\061\036\060" +"\034\006\011\052\206\110\206\367\015\001\011\001\026\017\151\160" +"\163\100\155\141\151\154\056\151\160\163\056\145\163\202\001\000" +"\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060\014" +"\006\003\125\035\017\004\005\003\003\007\377\200\060\153\006\003" +"\125\035\045\004\144\060\142\006\010\053\006\001\005\005\007\003" +"\001\006\010\053\006\001\005\005\007\003\002\006\010\053\006\001" +"\005\005\007\003\003\006\010\053\006\001\005\005\007\003\004\006" +"\010\053\006\001\005\005\007\003\010\006\012\053\006\001\004\001" +"\202\067\002\001\025\006\012\053\006\001\004\001\202\067\002\001" +"\026\006\012\053\006\001\004\001\202\067\012\003\001\006\012\053" +"\006\001\004\001\202\067\012\003\004\060\021\006\011\140\206\110" +"\001\206\370\102\001\001\004\004\003\002\000\007\060\032\006\003" +"\125\035\021\004\023\060\021\201\017\151\160\163\100\155\141\151" +"\154\056\151\160\163\056\145\163\060\032\006\003\125\035\022\004" +"\023\060\021\201\017\151\160\163\100\155\141\151\154\056\151\160" +"\163\056\145\163\060\107\006\011\140\206\110\001\206\370\102\001" +"\015\004\072\026\070\124\151\155\145\163\164\141\155\160\151\156" +"\147\040\103\101\040\103\145\162\164\151\146\151\143\141\164\145" +"\040\151\163\163\165\145\144\040\142\171\040\150\164\164\160\072" +"\057\057\167\167\167\056\151\160\163\056\145\163\057\060\051\006" +"\011\140\206\110\001\206\370\102\001\002\004\034\026\032\150\164" +"\164\160\072\057\057\167\167\167\056\151\160\163\056\145\163\057" +"\151\160\163\062\060\060\062\057\060\100\006\011\140\206\110\001" +"\206\370\102\001\004\004\063\026\061\150\164\164\160\072\057\057" +"\167\167\167\056\151\160\163\056\145\163\057\151\160\163\062\060" +"\060\062\057\151\160\163\062\060\060\062\124\151\155\145\163\164" +"\141\155\160\151\156\147\056\143\162\154\060\105\006\011\140\206" +"\110\001\206\370\102\001\003\004\070\026\066\150\164\164\160\072" +"\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163" +"\062\060\060\062\057\162\145\166\157\143\141\164\151\157\156\124" +"\151\155\145\163\164\141\155\160\151\156\147\056\150\164\155\154" +"\077\060\102\006\011\140\206\110\001\206\370\102\001\007\004\065" +"\026\063\150\164\164\160\072\057\057\167\167\167\056\151\160\163" +"\056\145\163\057\151\160\163\062\060\060\062\057\162\145\156\145" +"\167\141\154\124\151\155\145\163\164\141\155\160\151\156\147\056" +"\150\164\155\154\077\060\100\006\011\140\206\110\001\206\370\102" +"\001\010\004\063\026\061\150\164\164\160\072\057\057\167\167\167" +"\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057" +"\160\157\154\151\143\171\124\151\155\145\163\164\141\155\160\151" +"\156\147\056\150\164\155\154\060\177\006\003\125\035\037\004\170" +"\060\166\060\067\240\065\240\063\206\061\150\164\164\160\072\057" +"\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163\062" +"\060\060\062\057\151\160\163\062\060\060\062\124\151\155\145\163" +"\164\141\155\160\151\156\147\056\143\162\154\060\073\240\071\240" +"\067\206\065\150\164\164\160\072\057\057\167\167\167\142\141\143" +"\153\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062" +"\057\151\160\163\062\060\060\062\124\151\155\145\163\164\141\155" +"\160\151\156\147\056\143\162\154\060\057\006\010\053\006\001\005" +"\005\007\001\001\004\043\060\041\060\037\006\010\053\006\001\005" +"\005\007\060\001\206\023\150\164\164\160\072\057\057\157\143\163" +"\160\056\151\160\163\056\145\163\057\060\015\006\011\052\206\110" +"\206\367\015\001\001\005\005\000\003\201\201\000\145\272\301\314" +"\000\032\225\221\312\351\154\072\277\072\036\024\010\174\373\203" +"\356\153\142\121\323\063\221\265\140\171\176\004\330\135\171\067" +"\350\303\133\260\304\147\055\150\132\262\137\016\012\372\315\077" +"\072\105\241\352\066\317\046\036\247\021\050\305\224\217\204\114" +"\123\010\305\223\263\374\342\177\365\215\363\261\251\205\137\210" +"\336\221\226\356\027\133\256\245\352\160\145\170\054\041\144\001" +"\225\316\316\114\076\120\364\266\131\313\143\215\266\275\030\324" +"\207\112\137\334\357\351\126\360\012\014\350\165" +, (PRUint32)2108 } +}; +static const NSSItem nss_builtins_items_151 [] = { + { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, + { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, + { (void *)"IPS Timestamping root", (PRUint32)22 }, + { (void *)"\226\231\134\167\021\350\345\055\371\343\113\354\354\147\323\313" +"\361\266\304\322" +, (PRUint32)20 }, + { (void *)"\056\003\375\305\365\327\053\224\144\301\276\211\061\361\026\233" +, (PRUint32)16 }, + { (void *)"\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105" +"\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143" +"\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011" +"\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125" +"\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164" +"\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166" +"\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125" +"\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163" +"\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060" +"\071\062\071\064\065\062\061\064\060\062\006\003\125\004\013\023" +"\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141\155" +"\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164\151" +"\157\156\040\101\165\164\150\157\162\151\164\171\061\064\060\062" +"\006\003\125\004\003\023\053\111\120\123\040\103\101\040\124\151" +"\155\145\163\164\141\155\160\151\156\147\040\103\145\162\164\151" +"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151" +"\164\171\061\036\060\034\006\011\052\206\110\206\367\015\001\011" +"\001\026\017\151\160\163\100\155\141\151\154\056\151\160\163\056" +"\145\163" +, (PRUint32)290 }, + { (void *)"\002\001\000" +, (PRUint32)3 }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, + { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } +}; PR_IMPLEMENT_DATA(builtinsInternalObject) nss_builtins_data[] = { @@ -8209,11 +10143,33 @@ nss_builtins_data[] = { { 11, nss_builtins_types_126, nss_builtins_items_126, {NULL} }, { 12, nss_builtins_types_127, nss_builtins_items_127, {NULL} }, { 11, nss_builtins_types_128, nss_builtins_items_128, {NULL} }, - { 12, nss_builtins_types_129, nss_builtins_items_129, {NULL} } + { 12, nss_builtins_types_129, nss_builtins_items_129, {NULL} }, + { 11, nss_builtins_types_130, nss_builtins_items_130, {NULL} }, + { 12, nss_builtins_types_131, nss_builtins_items_131, {NULL} }, + { 11, nss_builtins_types_132, nss_builtins_items_132, {NULL} }, + { 12, nss_builtins_types_133, nss_builtins_items_133, {NULL} }, + { 11, nss_builtins_types_134, nss_builtins_items_134, {NULL} }, + { 12, nss_builtins_types_135, nss_builtins_items_135, {NULL} }, + { 11, nss_builtins_types_136, nss_builtins_items_136, {NULL} }, + { 12, nss_builtins_types_137, nss_builtins_items_137, {NULL} }, + { 11, nss_builtins_types_138, nss_builtins_items_138, {NULL} }, + { 12, nss_builtins_types_139, nss_builtins_items_139, {NULL} }, + { 11, nss_builtins_types_140, nss_builtins_items_140, {NULL} }, + { 12, nss_builtins_types_141, nss_builtins_items_141, {NULL} }, + { 11, nss_builtins_types_142, nss_builtins_items_142, {NULL} }, + { 12, nss_builtins_types_143, nss_builtins_items_143, {NULL} }, + { 11, nss_builtins_types_144, nss_builtins_items_144, {NULL} }, + { 12, nss_builtins_types_145, nss_builtins_items_145, {NULL} }, + { 11, nss_builtins_types_146, nss_builtins_items_146, {NULL} }, + { 12, nss_builtins_types_147, nss_builtins_items_147, {NULL} }, + { 11, nss_builtins_types_148, nss_builtins_items_148, {NULL} }, + { 12, nss_builtins_types_149, nss_builtins_items_149, {NULL} }, + { 11, nss_builtins_types_150, nss_builtins_items_150, {NULL} }, + { 12, nss_builtins_types_151, nss_builtins_items_151, {NULL} } }; PR_IMPLEMENT_DATA(const PRUint32) #ifdef DEBUG - nss_builtins_nObjects = 129+1; + nss_builtins_nObjects = 151+1; #else - nss_builtins_nObjects = 129; + nss_builtins_nObjects = 151; #endif /* DEBUG */ diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt index f4f9566b4..d85eb773c 100644 --- a/security/nss/lib/ckfw/builtins/certdata.txt +++ b/security/nss/lib/ckfw/builtins/certdata.txt @@ -8353,3 +8353,1981 @@ END CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "Certum Root CA" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "Certum Root CA" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061 +\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164 +\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020 +\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061 +\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164 +\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020 +\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\003\001\000\040 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\003\014\060\202\001\364\240\003\002\001\002\002\003\001 +\000\040\060\015\006\011\052\206\110\206\367\015\001\001\005\005 +\000\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114 +\061\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145 +\164\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060 +\020\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103 +\101\060\036\027\015\060\062\060\066\061\061\061\060\064\066\063 +\071\132\027\015\062\067\060\066\061\061\061\060\064\066\063\071 +\132\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114 +\061\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145 +\164\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060 +\020\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103 +\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001 +\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001 +\001\000\316\261\301\056\323\117\174\315\045\316\030\076\117\304 +\214\157\200\152\163\310\133\121\370\233\322\334\273\000\134\261 +\240\374\165\003\356\201\360\210\356\043\122\351\346\025\063\215 +\254\055\011\305\166\371\053\071\200\211\344\227\113\220\245\250 +\170\370\163\103\173\244\141\260\330\130\314\341\154\146\176\234 +\363\011\136\125\143\204\325\250\357\363\261\056\060\150\263\304 +\074\330\254\156\215\231\132\220\116\064\334\066\232\217\201\210 +\120\267\155\226\102\011\363\327\225\203\015\101\113\260\152\153 +\370\374\017\176\142\237\147\304\355\046\137\020\046\017\010\117 +\360\244\127\050\316\217\270\355\105\366\156\356\045\135\252\156 +\071\276\344\223\057\331\107\240\162\353\372\246\133\257\312\123 +\077\342\016\306\226\126\021\156\367\351\146\251\046\330\177\225 +\123\355\012\205\210\272\117\051\245\102\214\136\266\374\205\040 +\000\252\150\013\241\032\205\001\234\304\106\143\202\210\266\042 +\261\356\376\252\106\131\176\317\065\054\325\266\332\135\367\110 +\063\024\124\266\353\331\157\316\315\210\326\253\033\332\226\073 +\035\131\002\003\001\000\001\243\023\060\021\060\017\006\003\125 +\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011 +\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000 +\270\215\316\357\347\024\272\317\356\260\104\222\154\264\071\076 +\242\204\156\255\270\041\167\322\324\167\202\207\346\040\101\201 +\356\342\370\021\267\143\321\027\067\276\031\166\044\034\004\032 +\114\353\075\252\147\157\055\324\315\376\145\061\160\305\033\246 +\002\012\272\140\173\155\130\302\232\111\376\143\062\013\153\343 +\072\300\254\253\073\260\350\323\011\121\214\020\203\306\064\340 +\305\053\340\032\266\140\024\047\154\062\167\214\274\262\162\230 +\317\315\314\077\271\310\044\102\024\326\127\374\346\046\103\251 +\035\345\200\220\316\003\124\050\076\367\077\323\370\115\355\152 +\012\072\223\023\233\073\024\043\023\143\234\077\321\207\047\171 +\345\114\121\343\001\255\205\135\032\073\261\325\163\020\244\323 +\362\274\156\144\365\132\126\220\250\307\016\114\164\017\056\161 +\073\367\310\107\364\151\157\025\362\021\136\203\036\234\174\122 +\256\375\002\332\022\250\131\147\030\333\274\160\335\233\261\151 +\355\200\316\211\100\110\152\016\065\312\051\146\025\041\224\054 +\350\140\052\233\205\112\100\363\153\212\044\354\006\026\054\163 +END + +# Trust for Certificate "Certum Root CA" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "Certum Root CA" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\142\122\334\100\367\021\103\242\057\336\236\367\064\216\006\102 +\121\261\201\030 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\054\217\237\146\035\030\220\261\107\046\235\216\206\202\214\251 +END +CKA_ISSUER MULTILINE_OCTAL +\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061 +\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164 +\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020 +\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\003\001\000\040 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "Comodo AAA Services root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "Comodo AAA Services root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003 +\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151 +\143\141\164\145\040\123\145\162\166\151\143\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003 +\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151 +\143\141\164\145\040\123\145\162\166\151\143\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\001 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\004\062\060\202\003\032\240\003\002\001\002\002\001\001 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033 +\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162 +\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006 +\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060 +\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103 +\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003\125 +\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151\143 +\141\164\145\040\123\145\162\166\151\143\145\163\060\036\027\015 +\060\064\060\061\060\061\060\060\060\060\060\060\132\027\015\062 +\070\061\062\063\061\062\063\065\071\065\071\132\060\173\061\013 +\060\011\006\003\125\004\006\023\002\107\102\061\033\060\031\006 +\003\125\004\010\014\022\107\162\145\141\164\145\162\040\115\141 +\156\143\150\145\163\164\145\162\061\020\060\016\006\003\125\004 +\007\014\007\123\141\154\146\157\162\144\061\032\060\030\006\003 +\125\004\012\014\021\103\157\155\157\144\157\040\103\101\040\114 +\151\155\151\164\145\144\061\041\060\037\006\003\125\004\003\014 +\030\101\101\101\040\103\145\162\164\151\146\151\143\141\164\145 +\040\123\145\162\166\151\143\145\163\060\202\001\042\060\015\006 +\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017 +\000\060\202\001\012\002\202\001\001\000\276\100\235\364\156\341 +\352\166\207\034\115\105\104\216\276\106\310\203\006\235\301\052 +\376\030\037\216\344\002\372\363\253\135\120\212\026\061\013\232 +\006\320\305\160\042\315\111\055\124\143\314\266\156\150\106\013 +\123\352\313\114\044\300\274\162\116\352\361\025\256\364\124\232 +\022\012\303\172\262\063\140\342\332\211\125\363\042\130\363\336 +\334\317\357\203\206\242\214\224\117\237\150\362\230\220\106\204 +\047\307\166\277\343\314\065\054\213\136\007\144\145\202\300\110 +\260\250\221\371\141\237\166\040\120\250\221\307\146\265\353\170 +\142\003\126\360\212\032\023\352\061\243\036\240\231\375\070\366 +\366\047\062\130\157\007\365\153\270\373\024\053\257\267\252\314 +\326\143\137\163\214\332\005\231\250\070\250\313\027\170\066\121 +\254\351\236\364\170\072\215\317\017\331\102\342\230\014\253\057 +\237\016\001\336\357\237\231\111\361\055\337\254\164\115\033\230 +\265\107\305\345\051\321\371\220\030\307\142\234\276\203\307\046 +\173\076\212\045\307\300\335\235\346\065\150\020\040\235\217\330 +\336\322\303\204\234\015\136\350\057\311\002\003\001\000\001\243 +\201\300\060\201\275\060\035\006\003\125\035\016\004\026\004\024 +\240\021\012\043\076\226\361\007\354\342\257\051\357\202\245\177 +\320\060\244\264\060\016\006\003\125\035\017\001\001\377\004\004 +\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005 +\060\003\001\001\377\060\173\006\003\125\035\037\004\164\060\162 +\060\070\240\066\240\064\206\062\150\164\164\160\072\057\057\143 +\162\154\056\143\157\155\157\144\157\143\141\056\143\157\155\057 +\101\101\101\103\145\162\164\151\146\151\143\141\164\145\123\145 +\162\166\151\143\145\163\056\143\162\154\060\066\240\064\240\062 +\206\060\150\164\164\160\072\057\057\143\162\154\056\143\157\155 +\157\144\157\056\156\145\164\057\101\101\101\103\145\162\164\151 +\146\151\143\141\164\145\123\145\162\166\151\143\145\163\056\143 +\162\154\060\015\006\011\052\206\110\206\367\015\001\001\005\005 +\000\003\202\001\001\000\010\126\374\002\360\233\350\377\244\372 +\326\173\306\104\200\316\117\304\305\366\000\130\314\246\266\274 +\024\111\150\004\166\350\346\356\135\354\002\017\140\326\215\120 +\030\117\046\116\001\343\346\260\245\356\277\274\164\124\101\277 +\375\374\022\270\307\117\132\364\211\140\005\177\140\267\005\112 +\363\366\361\302\277\304\271\164\206\266\055\175\153\314\322\363 +\106\335\057\306\340\152\303\303\064\003\054\175\226\335\132\302 +\016\247\012\231\301\005\213\253\014\057\363\134\072\317\154\067 +\125\011\207\336\123\100\154\130\357\374\266\253\145\156\004\366 +\033\334\074\340\132\025\306\236\331\361\131\110\060\041\145\003 +\154\354\351\041\163\354\233\003\241\340\067\255\240\025\030\217 +\372\272\002\316\247\054\251\020\023\054\324\345\010\046\253\042 +\227\140\370\220\136\164\324\242\232\123\275\362\251\150\340\242 +\156\302\327\154\261\243\017\236\277\353\150\347\126\362\256\362 +\343\053\070\072\011\201\265\153\205\327\276\055\355\077\032\267 +\262\143\342\365\142\054\202\324\152\000\101\120\361\071\203\237 +\225\351\066\226\230\156 +END + +# Trust for Certificate "Comodo AAA Services root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "Comodo AAA Services root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\321\353\043\244\155\027\326\217\331\045\144\302\361\361\140\027 +\144\330\343\111 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\111\171\004\260\353\207\031\254\107\260\274\021\121\233\164\320 +END +CKA_ISSUER MULTILINE_OCTAL +\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003 +\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151 +\143\141\164\145\040\123\145\162\166\151\143\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\001 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "Comodo Secure Services root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "Comodo Secure Services root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003 +\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164 +\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003 +\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164 +\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\001 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\004\077\060\202\003\047\240\003\002\001\002\002\001\001 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033 +\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162 +\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006 +\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060 +\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103 +\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003\125 +\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164\151 +\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163\060 +\036\027\015\060\064\060\061\060\061\060\060\060\060\060\060\132 +\027\015\062\070\061\062\063\061\062\063\065\071\065\071\132\060 +\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033 +\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162 +\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006 +\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060 +\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103 +\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003\125 +\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164\151 +\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163\060 +\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001 +\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000 +\300\161\063\202\212\320\160\353\163\207\202\100\325\035\344\313 +\311\016\102\220\371\336\064\271\241\272\021\364\045\205\363\314 +\162\155\362\173\227\153\263\007\361\167\044\221\137\045\217\366 +\164\075\344\200\302\370\074\015\363\277\100\352\367\310\122\321 +\162\157\357\310\253\101\270\156\056\027\052\225\151\014\315\322 +\036\224\173\055\224\035\252\165\327\263\230\313\254\274\144\123 +\100\274\217\254\254\066\313\134\255\273\335\340\224\027\354\321 +\134\320\277\357\245\225\311\220\305\260\254\373\033\103\337\172 +\010\135\267\270\362\100\033\053\047\236\120\316\136\145\202\210 +\214\136\323\116\014\172\352\010\221\266\066\252\053\102\373\352 +\302\243\071\345\333\046\070\255\213\012\356\031\143\307\034\044 +\337\003\170\332\346\352\301\107\032\013\013\106\011\335\002\374 +\336\313\207\137\327\060\143\150\241\256\334\062\241\272\276\376 +\104\253\150\266\245\027\025\375\275\325\247\247\232\344\104\063 +\351\210\216\374\355\121\353\223\161\116\255\001\347\104\216\253 +\055\313\250\376\001\111\110\360\300\335\307\150\330\222\376\075 +\002\003\001\000\001\243\201\307\060\201\304\060\035\006\003\125 +\035\016\004\026\004\024\074\330\223\210\302\300\202\011\314\001 +\231\006\223\040\351\236\160\011\143\117\060\016\006\003\125\035 +\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035 +\023\001\001\377\004\005\060\003\001\001\377\060\201\201\006\003 +\125\035\037\004\172\060\170\060\073\240\071\240\067\206\065\150 +\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144\157 +\143\141\056\143\157\155\057\123\145\143\165\162\145\103\145\162 +\164\151\146\151\143\141\164\145\123\145\162\166\151\143\145\163 +\056\143\162\154\060\071\240\067\240\065\206\063\150\164\164\160 +\072\057\057\143\162\154\056\143\157\155\157\144\157\056\156\145 +\164\057\123\145\143\165\162\145\103\145\162\164\151\146\151\143 +\141\164\145\123\145\162\166\151\143\145\163\056\143\162\154\060 +\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202 +\001\001\000\207\001\155\043\035\176\133\027\175\301\141\062\317 +\217\347\363\212\224\131\146\340\236\050\250\136\323\267\364\064 +\346\252\071\262\227\026\305\202\157\062\244\351\214\347\257\375 +\357\302\350\271\113\252\243\364\346\332\215\145\041\373\272\200 +\353\046\050\205\032\376\071\214\336\133\004\004\264\124\371\243 +\147\236\101\372\011\122\314\005\110\250\311\077\041\004\036\316 +\110\153\374\205\350\302\173\257\177\267\314\370\137\072\375\065 +\306\015\357\227\334\114\253\021\341\153\313\061\321\154\373\110 +\200\253\334\234\067\270\041\024\113\015\161\075\354\203\063\156 +\321\156\062\026\354\230\307\026\213\131\246\064\253\005\127\055 +\223\367\252\023\313\322\023\342\267\056\073\315\153\120\027\011 +\150\076\265\046\127\356\266\340\266\335\271\051\200\171\175\217 +\243\360\244\050\244\025\304\205\364\047\324\153\277\345\134\344 +\145\002\166\124\264\343\067\146\044\323\031\141\310\122\020\345 +\213\067\232\271\251\371\035\277\352\231\222\141\226\377\001\315 +\241\137\015\274\161\274\016\254\013\035\107\105\035\301\354\174 +\354\375\051 +END + +# Trust for Certificate "Comodo Secure Services root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "Comodo Secure Services root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\112\145\325\364\035\357\071\270\270\220\112\112\323\144\201\063 +\317\307\241\321 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\323\331\275\256\237\254\147\044\263\310\033\122\341\271\251\275 +END +CKA_ISSUER MULTILINE_OCTAL +\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003 +\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164 +\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\001 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "Comodo Trusted Services root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "Comodo Trusted Services root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003 +\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162 +\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145 +\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003 +\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162 +\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145 +\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\001 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\004\103\060\202\003\053\240\003\002\001\002\002\001\001 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033 +\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162 +\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006 +\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060 +\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103 +\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003\125 +\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162\164 +\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163 +\060\036\027\015\060\064\060\061\060\061\060\060\060\060\060\060 +\132\027\015\062\070\061\062\063\061\062\063\065\071\065\071\132 +\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003 +\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162 +\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145 +\163\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001 +\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001 +\001\000\337\161\157\066\130\123\132\362\066\124\127\200\304\164 +\010\040\355\030\177\052\035\346\065\232\036\045\254\234\345\226 +\176\162\122\240\025\102\333\131\335\144\172\032\320\270\173\335 +\071\025\274\125\110\304\355\072\000\352\061\021\272\362\161\164 +\032\147\270\317\063\314\250\061\257\243\343\327\177\277\063\055 +\114\152\074\354\213\303\222\322\123\167\044\164\234\007\156\160 +\374\275\013\133\166\272\137\362\377\327\067\113\112\140\170\367 +\360\372\312\160\264\352\131\252\243\316\110\057\251\303\262\013 +\176\027\162\026\014\246\007\014\033\070\317\311\142\267\077\240 +\223\245\207\101\362\267\160\100\167\330\276\024\174\343\250\300 +\172\216\351\143\152\321\017\232\306\322\364\213\072\024\004\126 +\324\355\270\314\156\365\373\342\054\130\275\177\117\153\053\367 +\140\044\130\044\316\046\357\064\221\072\325\343\201\320\262\360 +\004\002\327\133\267\076\222\254\153\022\212\371\344\005\260\073 +\221\111\134\262\353\123\352\370\237\107\206\356\277\225\300\300 +\006\237\322\133\136\021\033\364\307\004\065\051\322\125\134\344 +\355\353\002\003\001\000\001\243\201\311\060\201\306\060\035\006 +\003\125\035\016\004\026\004\024\305\173\130\275\355\332\045\151 +\322\367\131\026\250\263\062\300\173\047\133\364\060\016\006\003 +\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003 +\125\035\023\001\001\377\004\005\060\003\001\001\377\060\201\203 +\006\003\125\035\037\004\174\060\172\060\074\240\072\240\070\206 +\066\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157 +\144\157\143\141\056\143\157\155\057\124\162\165\163\164\145\144 +\103\145\162\164\151\146\151\143\141\164\145\123\145\162\166\151 +\143\145\163\056\143\162\154\060\072\240\070\240\066\206\064\150 +\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144\157 +\056\156\145\164\057\124\162\165\163\164\145\144\103\145\162\164 +\151\146\151\143\141\164\145\123\145\162\166\151\143\145\163\056 +\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001\005 +\005\000\003\202\001\001\000\310\223\201\073\211\264\257\270\204 +\022\114\215\322\360\333\160\272\127\206\025\064\020\271\057\177 +\036\260\250\211\140\241\212\302\167\014\120\112\233\000\213\330 +\213\364\101\342\320\203\212\112\034\024\006\260\243\150\005\160 +\061\060\247\123\233\016\351\112\240\130\151\147\016\256\235\366 +\245\054\101\277\074\006\153\344\131\314\155\020\361\226\157\037 +\337\364\004\002\244\237\105\076\310\330\372\066\106\104\120\077 +\202\227\221\037\050\333\030\021\214\052\344\145\203\127\022\022 +\214\027\077\224\066\376\135\260\300\004\167\023\270\364\025\325 +\077\070\314\224\072\125\320\254\230\365\272\000\137\340\206\031 +\201\170\057\050\300\176\323\314\102\012\365\256\120\240\321\076 +\306\241\161\354\077\240\040\214\146\072\211\264\216\324\330\261 +\115\045\107\356\057\210\310\265\341\005\105\300\276\024\161\336 +\172\375\216\173\175\115\010\226\245\022\163\360\055\312\067\047 +\164\022\047\114\313\266\227\351\331\256\010\155\132\071\100\335 +\005\107\165\152\132\041\263\243\030\317\116\367\056\127\267\230 +\160\136\310\304\170\260\142 +END + +# Trust for Certificate "Comodo Trusted Services root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "Comodo Trusted Services root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\341\237\343\016\213\204\140\236\200\233\027\015\162\250\305\272 +\156\024\011\275 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\221\033\077\156\315\236\253\356\007\376\037\161\322\263\141\047 +END +CKA_ISSUER MULTILINE_OCTAL +\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061 +\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145 +\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016 +\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032 +\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040 +\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003 +\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162 +\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145 +\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\001 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "IPS Chained CAs root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS Chained CAs root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023 +\052\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040 +\103\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157 +\156\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006 +\003\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141 +\151\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151 +\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171 +\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026 +\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023 +\052\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040 +\103\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157 +\156\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006 +\003\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141 +\151\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151 +\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171 +\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026 +\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\007\367\060\202\007\140\240\003\002\001\002\002\001\000 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145 +\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102 +\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004 +\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040 +\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151 +\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004 +\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071 +\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023\052 +\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040\103 +\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157\156 +\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006\003 +\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141\151 +\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151\143 +\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061 +\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017 +\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060 +\036\027\015\060\061\061\062\062\071\060\060\065\063\065\070\132 +\027\015\062\065\061\062\062\067\060\060\065\063\065\070\132\060 +\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145 +\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102 +\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004 +\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040 +\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151 +\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004 +\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071 +\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023\052 +\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040\103 +\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157\156 +\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006\003 +\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141\151 +\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151\143 +\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061 +\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017 +\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060 +\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005 +\000\003\201\215\000\060\201\211\002\201\201\000\334\126\222\111 +\262\224\040\274\230\117\120\353\150\244\247\111\013\277\322\061 +\350\307\117\302\206\013\372\150\375\103\132\212\363\140\222\065 +\231\070\273\115\003\122\041\133\360\067\231\065\341\101\040\201 +\205\201\005\161\201\235\264\225\031\251\137\166\064\056\143\067 +\065\127\216\264\037\102\077\025\134\341\172\301\137\023\030\062 +\061\311\255\276\243\307\203\146\036\271\234\004\023\313\151\301 +\006\336\060\006\273\063\243\265\037\360\217\157\316\377\226\350 +\124\276\146\200\256\153\333\101\204\066\242\075\002\003\001\000 +\001\243\202\004\103\060\202\004\077\060\035\006\003\125\035\016 +\004\026\004\024\241\255\061\261\371\076\341\027\246\310\253\064 +\374\122\207\011\036\142\122\101\060\202\001\116\006\003\125\035 +\043\004\202\001\105\060\202\001\101\200\024\241\255\061\261\371 +\076\341\027\246\310\253\064\374\122\207\011\036\142\122\101\241 +\202\001\044\244\202\001\040\060\202\001\034\061\013\060\011\006 +\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004 +\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020 +\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141 +\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111 +\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151 +\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056 +\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155 +\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106 +\056\040\040\102\055\066\060\071\062\071\064\065\062\061\063\060 +\061\006\003\125\004\013\023\052\111\120\123\040\103\101\040\103 +\150\141\151\156\145\144\040\103\101\163\040\103\145\162\164\151 +\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151 +\164\171\061\063\060\061\006\003\125\004\003\023\052\111\120\123 +\040\103\101\040\103\150\141\151\156\145\144\040\103\101\163\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110 +\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154 +\056\151\160\163\056\145\163\202\001\000\060\014\006\003\125\035 +\023\004\005\060\003\001\001\377\060\014\006\003\125\035\017\004 +\005\003\003\007\377\200\060\153\006\003\125\035\045\004\144\060 +\142\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001 +\005\005\007\003\002\006\010\053\006\001\005\005\007\003\003\006 +\010\053\006\001\005\005\007\003\004\006\010\053\006\001\005\005 +\007\003\010\006\012\053\006\001\004\001\202\067\002\001\025\006 +\012\053\006\001\004\001\202\067\002\001\026\006\012\053\006\001 +\004\001\202\067\012\003\001\006\012\053\006\001\004\001\202\067 +\012\003\004\060\021\006\011\140\206\110\001\206\370\102\001\001 +\004\004\003\002\000\007\060\032\006\003\125\035\021\004\023\060 +\021\201\017\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163\060\032\006\003\125\035\022\004\023\060\021\201\017\151 +\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060\102 +\006\011\140\206\110\001\206\370\102\001\015\004\065\026\063\103 +\150\141\151\156\145\144\040\103\101\040\103\145\162\164\151\146 +\151\143\141\164\145\040\151\163\163\165\145\144\040\142\171\040 +\150\164\164\160\072\057\057\167\167\167\056\151\160\163\056\145 +\163\057\060\051\006\011\140\206\110\001\206\370\102\001\002\004 +\034\026\032\150\164\164\160\072\057\057\167\167\167\056\151\160 +\163\056\145\163\057\151\160\163\062\060\060\062\057\060\067\006 +\011\140\206\110\001\206\370\102\001\004\004\052\026\050\150\164 +\164\160\072\057\057\167\167\167\056\151\160\163\056\145\163\057 +\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062\103 +\101\103\056\143\162\154\060\074\006\011\140\206\110\001\206\370 +\102\001\003\004\057\026\055\150\164\164\160\072\057\057\167\167 +\167\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062 +\057\162\145\166\157\143\141\164\151\157\156\103\101\103\056\150 +\164\155\154\077\060\071\006\011\140\206\110\001\206\370\102\001 +\007\004\054\026\052\150\164\164\160\072\057\057\167\167\167\056 +\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057\162 +\145\156\145\167\141\154\103\101\103\056\150\164\155\154\077\060 +\067\006\011\140\206\110\001\206\370\102\001\010\004\052\026\050 +\150\164\164\160\072\057\057\167\167\167\056\151\160\163\056\145 +\163\057\151\160\163\062\060\060\062\057\160\157\154\151\143\171 +\103\101\103\056\150\164\155\154\060\155\006\003\125\035\037\004 +\146\060\144\060\056\240\054\240\052\206\050\150\164\164\160\072 +\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163 +\062\060\060\062\057\151\160\163\062\060\060\062\103\101\103\056 +\143\162\154\060\062\240\060\240\056\206\054\150\164\164\160\072 +\057\057\167\167\167\142\141\143\153\056\151\160\163\056\145\163 +\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062 +\103\101\103\056\143\162\154\060\057\006\010\053\006\001\005\005 +\007\001\001\004\043\060\041\060\037\006\010\053\006\001\005\005 +\007\060\001\206\023\150\164\164\160\072\057\057\157\143\163\160 +\056\151\160\163\056\145\163\057\060\015\006\011\052\206\110\206 +\367\015\001\001\005\005\000\003\201\201\000\104\162\060\235\126 +\130\242\101\033\050\267\225\341\246\032\225\137\247\170\100\053 +\357\333\226\112\374\114\161\143\331\163\225\275\002\342\242\006 +\307\276\227\052\223\200\064\206\003\372\334\330\075\036\007\315 +\036\163\103\044\140\365\035\141\334\334\226\240\274\373\035\343 +\347\022\000\047\063\002\300\300\053\123\075\330\153\003\201\243 +\333\326\223\225\040\357\323\226\176\046\220\211\234\046\233\315 +\157\146\253\355\003\042\104\070\314\131\275\237\333\366\007\242 +\001\177\046\304\143\365\045\102\136\142\275 +END + +# Trust for Certificate "IPS Chained CAs root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS Chained CAs root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\310\302\137\026\236\370\120\164\325\276\350\315\242\324\074\256 +\347\137\322\127 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\215\162\121\333\240\072\317\040\167\337\362\145\006\136\337\357 +END +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\063\060\061\006\003\125\004\013\023 +\052\111\120\123\040\103\101\040\103\150\141\151\156\145\144\040 +\103\101\163\040\103\145\162\164\151\146\151\143\141\164\151\157 +\156\040\101\165\164\150\157\162\151\164\171\061\063\060\061\006 +\003\125\004\003\023\052\111\120\123\040\103\101\040\103\150\141 +\151\156\145\144\040\103\101\163\040\103\145\162\164\151\146\151 +\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171 +\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026 +\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "IPS CLASE1 root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS CLASE1 root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\007\352\060\202\007\123\240\003\002\001\002\002\001\000 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145 +\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102 +\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004 +\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040 +\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151 +\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004 +\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071 +\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023\045 +\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103\145 +\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150 +\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023\045 +\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103\145 +\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150 +\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206\367 +\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056\151 +\160\163\056\145\163\060\036\027\015\060\061\061\062\062\071\060 +\060\065\071\063\070\132\027\015\062\065\061\062\062\067\060\060 +\065\071\063\070\132\060\202\001\022\061\013\060\011\006\003\125 +\004\006\023\002\105\123\061\022\060\020\006\003\125\004\010\023 +\011\102\141\162\143\145\154\157\156\141\061\022\060\020\006\003 +\125\004\007\023\011\102\141\162\143\145\154\157\156\141\061\056 +\060\054\006\003\125\004\012\023\045\111\120\123\040\111\156\164 +\145\162\156\145\164\040\160\165\142\154\151\163\150\151\156\147 +\040\123\145\162\166\151\143\145\163\040\163\056\154\056\061\053 +\060\051\006\003\125\004\012\024\042\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163\040\103\056\111\056\106\056\040 +\040\102\055\066\060\071\062\071\064\065\062\061\056\060\054\006 +\003\125\004\013\023\045\111\120\123\040\103\101\040\103\114\101 +\123\105\061\040\103\145\162\164\151\146\151\143\141\164\151\157 +\156\040\101\165\164\150\157\162\151\164\171\061\056\060\054\006 +\003\125\004\003\023\045\111\120\123\040\103\101\040\103\114\101 +\123\105\061\040\103\145\162\164\151\146\151\143\141\164\151\157 +\156\040\101\165\164\150\157\162\151\164\171\061\036\060\034\006 +\011\052\206\110\206\367\015\001\011\001\026\017\151\160\163\100 +\155\141\151\154\056\151\160\163\056\145\163\060\201\237\060\015 +\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215 +\000\060\201\211\002\201\201\000\340\121\047\247\013\335\257\321 +\271\103\133\202\067\105\126\162\357\232\266\302\022\357\054\022 +\314\166\371\006\131\257\135\041\324\322\132\270\240\324\363\152 +\375\312\151\215\146\110\367\164\346\356\066\275\350\226\221\165 +\246\161\050\312\347\042\022\062\151\260\076\036\153\364\120\122 +\142\142\375\143\073\175\176\354\356\070\352\142\364\154\250\161 +\215\341\351\213\311\077\306\265\315\224\102\157\335\202\105\074 +\350\337\011\350\357\012\125\251\126\107\141\114\111\144\163\020 +\050\077\312\277\011\377\306\057\002\003\001\000\001\243\202\004 +\112\060\202\004\106\060\035\006\003\125\035\016\004\026\004\024 +\353\263\031\171\363\301\245\034\254\334\272\037\146\242\262\233 +\151\320\170\010\060\202\001\104\006\003\125\035\043\004\202\001 +\073\060\202\001\067\200\024\353\263\031\171\363\301\245\034\254 +\334\272\037\146\242\262\233\151\320\170\010\241\202\001\032\244 +\202\001\026\060\202\001\022\061\013\060\011\006\003\125\004\006 +\023\002\105\123\061\022\060\020\006\003\125\004\010\023\011\102 +\141\162\143\145\154\157\156\141\061\022\060\020\006\003\125\004 +\007\023\011\102\141\162\143\145\154\157\156\141\061\056\060\054 +\006\003\125\004\012\023\045\111\120\123\040\111\156\164\145\162 +\156\145\164\040\160\165\142\154\151\163\150\151\156\147\040\123 +\145\162\166\151\143\145\163\040\163\056\154\056\061\053\060\051 +\006\003\125\004\012\024\042\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163\040\103\056\111\056\106\056\040\040\102 +\055\066\060\071\062\071\064\065\062\061\056\060\054\006\003\125 +\004\013\023\045\111\120\123\040\103\101\040\103\114\101\123\105 +\061\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040 +\101\165\164\150\157\162\151\164\171\061\056\060\054\006\003\125 +\004\003\023\045\111\120\123\040\103\101\040\103\114\101\123\105 +\061\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040 +\101\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052 +\206\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141 +\151\154\056\151\160\163\056\145\163\202\001\000\060\014\006\003 +\125\035\023\004\005\060\003\001\001\377\060\014\006\003\125\035 +\017\004\005\003\003\007\377\200\060\153\006\003\125\035\045\004 +\144\060\142\006\010\053\006\001\005\005\007\003\001\006\010\053 +\006\001\005\005\007\003\002\006\010\053\006\001\005\005\007\003 +\003\006\010\053\006\001\005\005\007\003\004\006\010\053\006\001 +\005\005\007\003\010\006\012\053\006\001\004\001\202\067\002\001 +\025\006\012\053\006\001\004\001\202\067\002\001\026\006\012\053 +\006\001\004\001\202\067\012\003\001\006\012\053\006\001\004\001 +\202\067\012\003\004\060\021\006\011\140\206\110\001\206\370\102 +\001\001\004\004\003\002\000\007\060\032\006\003\125\035\021\004 +\023\060\021\201\017\151\160\163\100\155\141\151\154\056\151\160 +\163\056\145\163\060\032\006\003\125\035\022\004\023\060\021\201 +\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163 +\060\101\006\011\140\206\110\001\206\370\102\001\015\004\064\026 +\062\103\114\101\123\105\061\040\103\101\040\103\145\162\164\151 +\146\151\143\141\164\145\040\151\163\163\165\145\144\040\142\171 +\040\150\164\164\160\072\057\057\167\167\167\056\151\160\163\056 +\145\163\057\060\051\006\011\140\206\110\001\206\370\102\001\002 +\004\034\026\032\150\164\164\160\072\057\057\167\167\167\056\151 +\160\163\056\145\163\057\151\160\163\062\060\060\062\057\060\072 +\006\011\140\206\110\001\206\370\102\001\004\004\055\026\053\150 +\164\164\160\072\057\057\167\167\167\056\151\160\163\056\145\163 +\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062 +\103\114\101\123\105\061\056\143\162\154\060\077\006\011\140\206 +\110\001\206\370\102\001\003\004\062\026\060\150\164\164\160\072 +\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163 +\062\060\060\062\057\162\145\166\157\143\141\164\151\157\156\103 +\114\101\123\105\061\056\150\164\155\154\077\060\074\006\011\140 +\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160 +\072\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160 +\163\062\060\060\062\057\162\145\156\145\167\141\154\103\114\101 +\123\105\061\056\150\164\155\154\077\060\072\006\011\140\206\110 +\001\206\370\102\001\010\004\055\026\053\150\164\164\160\072\057 +\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163\062 +\060\060\062\057\160\157\154\151\143\171\103\114\101\123\105\061 +\056\150\164\155\154\060\163\006\003\125\035\037\004\154\060\152 +\060\061\240\057\240\055\206\053\150\164\164\160\072\057\057\167 +\167\167\056\151\160\163\056\145\163\057\151\160\163\062\060\060 +\062\057\151\160\163\062\060\060\062\103\114\101\123\105\061\056 +\143\162\154\060\065\240\063\240\061\206\057\150\164\164\160\072 +\057\057\167\167\167\142\141\143\153\056\151\160\163\056\145\163 +\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062 +\103\114\101\123\105\061\056\143\162\154\060\057\006\010\053\006 +\001\005\005\007\001\001\004\043\060\041\060\037\006\010\053\006 +\001\005\005\007\060\001\206\023\150\164\164\160\072\057\057\157 +\143\163\160\056\151\160\163\056\145\163\057\060\015\006\011\052 +\206\110\206\367\015\001\001\005\005\000\003\201\201\000\053\320 +\353\375\332\310\312\131\152\332\323\314\062\056\311\124\033\212 +\142\176\025\055\351\331\061\323\056\364\047\043\377\133\253\305 +\112\266\162\100\256\123\164\364\274\005\264\306\331\310\311\167 +\373\267\371\064\177\170\000\370\326\244\344\122\077\054\112\143 +\127\201\165\132\216\350\214\373\002\300\224\306\051\272\263\334 +\034\350\262\257\322\056\142\133\032\251\216\016\314\305\127\105 +\121\024\351\116\034\210\245\221\364\243\367\216\121\310\251\276 +\206\063\076\346\057\110\156\257\124\220\116\255\261\045 +END + +# Trust for Certificate "IPS CLASE1 root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS CLASE1 root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\103\236\122\137\132\152\107\303\054\353\304\134\143\355\071\061 +\174\345\364\337 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\204\220\035\225\060\111\126\374\101\201\360\105\327\166\304\153 +END +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\061\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "IPS CLASE3 root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS CLASE3 root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\007\352\060\202\007\123\240\003\002\001\002\002\001\000 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145 +\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102 +\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004 +\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040 +\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151 +\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004 +\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071 +\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023\045 +\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103\145 +\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150 +\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023\045 +\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103\145 +\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150 +\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206\367 +\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056\151 +\160\163\056\145\163\060\036\027\015\060\061\061\062\062\071\060 +\061\060\061\064\064\132\027\015\062\065\061\062\062\067\060\061 +\060\061\064\064\132\060\202\001\022\061\013\060\011\006\003\125 +\004\006\023\002\105\123\061\022\060\020\006\003\125\004\010\023 +\011\102\141\162\143\145\154\157\156\141\061\022\060\020\006\003 +\125\004\007\023\011\102\141\162\143\145\154\157\156\141\061\056 +\060\054\006\003\125\004\012\023\045\111\120\123\040\111\156\164 +\145\162\156\145\164\040\160\165\142\154\151\163\150\151\156\147 +\040\123\145\162\166\151\143\145\163\040\163\056\154\056\061\053 +\060\051\006\003\125\004\012\024\042\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163\040\103\056\111\056\106\056\040 +\040\102\055\066\060\071\062\071\064\065\062\061\056\060\054\006 +\003\125\004\013\023\045\111\120\123\040\103\101\040\103\114\101 +\123\105\063\040\103\145\162\164\151\146\151\143\141\164\151\157 +\156\040\101\165\164\150\157\162\151\164\171\061\056\060\054\006 +\003\125\004\003\023\045\111\120\123\040\103\101\040\103\114\101 +\123\105\063\040\103\145\162\164\151\146\151\143\141\164\151\157 +\156\040\101\165\164\150\157\162\151\164\171\061\036\060\034\006 +\011\052\206\110\206\367\015\001\011\001\026\017\151\160\163\100 +\155\141\151\154\056\151\160\163\056\145\163\060\201\237\060\015 +\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215 +\000\060\201\211\002\201\201\000\253\027\376\016\260\306\150\033 +\123\360\122\276\237\372\332\372\213\023\004\273\001\217\062\331 +\037\217\115\316\066\230\332\344\000\104\214\050\330\023\104\052 +\244\153\116\027\044\102\234\323\210\244\101\202\326\043\373\213 +\311\206\345\271\251\202\005\334\361\336\037\340\014\231\125\230 +\362\070\354\154\235\040\003\300\357\252\243\306\144\004\121\055 +\170\015\243\322\250\072\326\044\114\351\226\172\030\254\023\043 +\042\033\174\350\061\021\263\137\011\252\060\160\161\106\045\153 +\111\161\200\053\225\001\262\037\002\003\001\000\001\243\202\004 +\112\060\202\004\106\060\035\006\003\125\035\016\004\026\004\024 +\270\223\377\056\313\334\054\216\242\347\172\376\066\121\041\243 +\230\133\014\064\060\202\001\104\006\003\125\035\043\004\202\001 +\073\060\202\001\067\200\024\270\223\377\056\313\334\054\216\242 +\347\172\376\066\121\041\243\230\133\014\064\241\202\001\032\244 +\202\001\026\060\202\001\022\061\013\060\011\006\003\125\004\006 +\023\002\105\123\061\022\060\020\006\003\125\004\010\023\011\102 +\141\162\143\145\154\157\156\141\061\022\060\020\006\003\125\004 +\007\023\011\102\141\162\143\145\154\157\156\141\061\056\060\054 +\006\003\125\004\012\023\045\111\120\123\040\111\156\164\145\162 +\156\145\164\040\160\165\142\154\151\163\150\151\156\147\040\123 +\145\162\166\151\143\145\163\040\163\056\154\056\061\053\060\051 +\006\003\125\004\012\024\042\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163\040\103\056\111\056\106\056\040\040\102 +\055\066\060\071\062\071\064\065\062\061\056\060\054\006\003\125 +\004\013\023\045\111\120\123\040\103\101\040\103\114\101\123\105 +\063\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040 +\101\165\164\150\157\162\151\164\171\061\056\060\054\006\003\125 +\004\003\023\045\111\120\123\040\103\101\040\103\114\101\123\105 +\063\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040 +\101\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052 +\206\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141 +\151\154\056\151\160\163\056\145\163\202\001\000\060\014\006\003 +\125\035\023\004\005\060\003\001\001\377\060\014\006\003\125\035 +\017\004\005\003\003\007\377\200\060\153\006\003\125\035\045\004 +\144\060\142\006\010\053\006\001\005\005\007\003\001\006\010\053 +\006\001\005\005\007\003\002\006\010\053\006\001\005\005\007\003 +\003\006\010\053\006\001\005\005\007\003\004\006\010\053\006\001 +\005\005\007\003\010\006\012\053\006\001\004\001\202\067\002\001 +\025\006\012\053\006\001\004\001\202\067\002\001\026\006\012\053 +\006\001\004\001\202\067\012\003\001\006\012\053\006\001\004\001 +\202\067\012\003\004\060\021\006\011\140\206\110\001\206\370\102 +\001\001\004\004\003\002\000\007\060\032\006\003\125\035\021\004 +\023\060\021\201\017\151\160\163\100\155\141\151\154\056\151\160 +\163\056\145\163\060\032\006\003\125\035\022\004\023\060\021\201 +\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163 +\060\101\006\011\140\206\110\001\206\370\102\001\015\004\064\026 +\062\103\114\101\123\105\063\040\103\101\040\103\145\162\164\151 +\146\151\143\141\164\145\040\151\163\163\165\145\144\040\142\171 +\040\150\164\164\160\072\057\057\167\167\167\056\151\160\163\056 +\145\163\057\060\051\006\011\140\206\110\001\206\370\102\001\002 +\004\034\026\032\150\164\164\160\072\057\057\167\167\167\056\151 +\160\163\056\145\163\057\151\160\163\062\060\060\062\057\060\072 +\006\011\140\206\110\001\206\370\102\001\004\004\055\026\053\150 +\164\164\160\072\057\057\167\167\167\056\151\160\163\056\145\163 +\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062 +\103\114\101\123\105\063\056\143\162\154\060\077\006\011\140\206 +\110\001\206\370\102\001\003\004\062\026\060\150\164\164\160\072 +\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163 +\062\060\060\062\057\162\145\166\157\143\141\164\151\157\156\103 +\114\101\123\105\063\056\150\164\155\154\077\060\074\006\011\140 +\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160 +\072\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160 +\163\062\060\060\062\057\162\145\156\145\167\141\154\103\114\101 +\123\105\063\056\150\164\155\154\077\060\072\006\011\140\206\110 +\001\206\370\102\001\010\004\055\026\053\150\164\164\160\072\057 +\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163\062 +\060\060\062\057\160\157\154\151\143\171\103\114\101\123\105\063 +\056\150\164\155\154\060\163\006\003\125\035\037\004\154\060\152 +\060\061\240\057\240\055\206\053\150\164\164\160\072\057\057\167 +\167\167\056\151\160\163\056\145\163\057\151\160\163\062\060\060 +\062\057\151\160\163\062\060\060\062\103\114\101\123\105\063\056 +\143\162\154\060\065\240\063\240\061\206\057\150\164\164\160\072 +\057\057\167\167\167\142\141\143\153\056\151\160\163\056\145\163 +\057\151\160\163\062\060\060\062\057\151\160\163\062\060\060\062 +\103\114\101\123\105\063\056\143\162\154\060\057\006\010\053\006 +\001\005\005\007\001\001\004\043\060\041\060\037\006\010\053\006 +\001\005\005\007\060\001\206\023\150\164\164\160\072\057\057\157 +\143\163\160\056\151\160\163\056\145\163\057\060\015\006\011\052 +\206\110\206\367\015\001\001\005\005\000\003\201\201\000\027\145 +\134\231\225\103\003\047\257\046\345\353\320\263\027\043\367\103 +\252\307\360\175\354\017\306\251\256\256\226\017\166\051\034\342 +\006\055\176\046\305\074\372\241\301\201\316\123\260\102\321\227 +\127\032\027\176\244\121\141\306\356\351\136\357\005\272\353\275 +\017\247\222\157\330\243\006\150\051\216\171\365\377\277\371\247 +\257\344\261\316\302\321\200\102\047\005\004\064\370\303\177\026 +\170\043\014\007\044\362\106\107\255\073\124\320\257\325\061\262 +\257\175\310\352\351\324\126\331\016\023\262\305\105\120 +END + +# Trust for Certificate "IPS CLASE3 root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS CLASE3 root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\101\170\253\114\277\316\173\101\002\254\332\304\223\076\157\365 +\015\317\161\134 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\102\166\227\150\317\246\264\070\044\252\241\033\362\147\336\312 +END +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\056\060\054\006\003\125\004\013\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\056\060\054\006\003\125\004\003\023 +\045\111\120\123\040\103\101\040\103\114\101\123\105\063\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "IPS CLASEA1 root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS CLASEA1 root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023 +\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003 +\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061 +\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101 +\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206 +\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023 +\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003 +\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061 +\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101 +\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206 +\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\007\367\060\202\007\140\240\003\002\001\002\002\001\000 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145 +\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102 +\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004 +\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040 +\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151 +\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004 +\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071 +\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023\046 +\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003\023 +\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110 +\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154 +\056\151\160\163\056\145\163\060\036\027\015\060\061\061\062\062 +\071\060\061\060\065\063\062\132\027\015\062\065\061\062\062\067 +\060\061\060\065\063\062\132\060\202\001\024\061\013\060\011\006 +\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004 +\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020 +\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141 +\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111 +\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151 +\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056 +\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155 +\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106 +\056\040\040\102\055\066\060\071\062\071\064\065\062\061\057\060 +\055\006\003\125\004\013\023\046\111\120\123\040\103\101\040\103 +\114\101\123\105\101\061\040\103\145\162\164\151\146\151\143\141 +\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\057 +\060\055\006\003\125\004\003\023\046\111\120\123\040\103\101\040 +\103\114\101\123\105\101\061\040\103\145\162\164\151\146\151\143 +\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061 +\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017 +\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060 +\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005 +\000\003\201\215\000\060\201\211\002\201\201\000\273\060\327\334 +\320\124\275\065\116\237\305\114\202\352\321\120\074\107\230\374 +\233\151\235\167\315\156\340\077\356\353\062\137\137\237\322\320 +\171\345\225\163\104\041\062\340\012\333\235\327\316\215\253\122 +\213\053\170\340\233\133\175\364\375\155\011\345\256\341\154\035 +\007\043\240\027\321\371\175\250\106\106\221\042\250\262\151\306 +\255\367\365\365\224\241\060\224\275\000\314\104\177\356\304\236 +\311\301\346\217\012\066\301\375\044\075\001\240\365\173\342\174 +\170\146\103\213\117\131\362\233\331\372\111\263\002\003\001\000 +\001\243\202\004\123\060\202\004\117\060\035\006\003\125\035\016 +\004\026\004\024\147\046\226\347\241\277\330\265\003\235\376\073 +\334\376\362\212\346\025\335\060\060\202\001\106\006\003\125\035 +\043\004\202\001\075\060\202\001\071\200\024\147\046\226\347\241 +\277\330\265\003\235\376\073\334\376\362\212\346\025\335\060\241 +\202\001\034\244\202\001\030\060\202\001\024\061\013\060\011\006 +\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004 +\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020 +\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141 +\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111 +\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151 +\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056 +\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155 +\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106 +\056\040\040\102\055\066\060\071\062\071\064\065\062\061\057\060 +\055\006\003\125\004\013\023\046\111\120\123\040\103\101\040\103 +\114\101\123\105\101\061\040\103\145\162\164\151\146\151\143\141 +\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\057 +\060\055\006\003\125\004\003\023\046\111\120\123\040\103\101\040 +\103\114\101\123\105\101\061\040\103\145\162\164\151\146\151\143 +\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061 +\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017 +\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\202 +\001\000\060\014\006\003\125\035\023\004\005\060\003\001\001\377 +\060\014\006\003\125\035\017\004\005\003\003\007\377\200\060\153 +\006\003\125\035\045\004\144\060\142\006\010\053\006\001\005\005 +\007\003\001\006\010\053\006\001\005\005\007\003\002\006\010\053 +\006\001\005\005\007\003\003\006\010\053\006\001\005\005\007\003 +\004\006\010\053\006\001\005\005\007\003\010\006\012\053\006\001 +\004\001\202\067\002\001\025\006\012\053\006\001\004\001\202\067 +\002\001\026\006\012\053\006\001\004\001\202\067\012\003\001\006 +\012\053\006\001\004\001\202\067\012\003\004\060\021\006\011\140 +\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\032 +\006\003\125\035\021\004\023\060\021\201\017\151\160\163\100\155 +\141\151\154\056\151\160\163\056\145\163\060\032\006\003\125\035 +\022\004\023\060\021\201\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163\060\102\006\011\140\206\110\001\206\370 +\102\001\015\004\065\026\063\103\114\101\123\105\101\061\040\103 +\101\040\103\145\162\164\151\146\151\143\141\164\145\040\151\163 +\163\165\145\144\040\142\171\040\150\164\164\160\072\057\057\167 +\167\167\056\151\160\163\056\145\163\057\060\051\006\011\140\206 +\110\001\206\370\102\001\002\004\034\026\032\150\164\164\160\072 +\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163 +\062\060\060\062\057\060\073\006\011\140\206\110\001\206\370\102 +\001\004\004\056\026\054\150\164\164\160\072\057\057\167\167\167 +\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057 +\151\160\163\062\060\060\062\103\114\101\123\105\101\061\056\143 +\162\154\060\100\006\011\140\206\110\001\206\370\102\001\003\004 +\063\026\061\150\164\164\160\072\057\057\167\167\167\056\151\160 +\163\056\145\163\057\151\160\163\062\060\060\062\057\162\145\166 +\157\143\141\164\151\157\156\103\114\101\123\105\101\061\056\150 +\164\155\154\077\060\075\006\011\140\206\110\001\206\370\102\001 +\007\004\060\026\056\150\164\164\160\072\057\057\167\167\167\056 +\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057\162 +\145\156\145\167\141\154\103\114\101\123\105\101\061\056\150\164 +\155\154\077\060\073\006\011\140\206\110\001\206\370\102\001\010 +\004\056\026\054\150\164\164\160\072\057\057\167\167\167\056\151 +\160\163\056\145\163\057\151\160\163\062\060\060\062\057\160\157 +\154\151\143\171\103\114\101\123\105\101\061\056\150\164\155\154 +\060\165\006\003\125\035\037\004\156\060\154\060\062\240\060\240 +\056\206\054\150\164\164\160\072\057\057\167\167\167\056\151\160 +\163\056\145\163\057\151\160\163\062\060\060\062\057\151\160\163 +\062\060\060\062\103\114\101\123\105\101\061\056\143\162\154\060 +\066\240\064\240\062\206\060\150\164\164\160\072\057\057\167\167 +\167\142\141\143\153\056\151\160\163\056\145\163\057\151\160\163 +\062\060\060\062\057\151\160\163\062\060\060\062\103\114\101\123 +\105\101\061\056\143\162\154\060\057\006\010\053\006\001\005\005 +\007\001\001\004\043\060\041\060\037\006\010\053\006\001\005\005 +\007\060\001\206\023\150\164\164\160\072\057\057\157\143\163\160 +\056\151\160\163\056\145\163\057\060\015\006\011\052\206\110\206 +\367\015\001\001\005\005\000\003\201\201\000\176\272\212\254\200 +\000\204\025\012\325\230\121\014\144\305\234\002\130\203\146\312 +\255\036\007\315\176\152\332\200\007\337\003\064\112\034\223\304 +\113\130\040\065\066\161\355\242\012\065\022\245\246\145\247\205 +\151\012\016\343\141\356\352\276\050\223\063\325\354\350\276\304 +\333\137\177\250\371\143\061\310\153\226\342\051\302\133\240\347 +\227\066\235\167\136\061\153\376\323\247\333\052\333\333\226\213 +\037\146\336\266\003\300\053\263\170\326\125\007\345\217\071\120 +\336\007\043\162\346\275\040\024\113\264\206 +END + +# Trust for Certificate "IPS CLASEA1 root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS CLASEA1 root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\063\243\065\302\074\350\003\113\004\341\075\345\304\216\171\032 +\353\214\062\004 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\014\370\236\027\374\324\003\275\346\215\233\074\005\207\376\204 +END +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023 +\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003 +\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\061 +\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101 +\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206 +\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "IPS CLASEA3 root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS CLASEA3 root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023 +\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003 +\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063 +\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101 +\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206 +\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023 +\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003 +\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063 +\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101 +\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206 +\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\007\367\060\202\007\140\240\003\002\001\002\002\001\000 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145 +\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102 +\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004 +\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040 +\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151 +\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004 +\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071 +\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023\046 +\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040\103 +\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164 +\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003\023 +\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206\110 +\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154 +\056\151\160\163\056\145\163\060\036\027\015\060\061\061\062\062 +\071\060\061\060\067\065\060\132\027\015\062\065\061\062\062\067 +\060\061\060\067\065\060\132\060\202\001\024\061\013\060\011\006 +\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004 +\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020 +\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141 +\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111 +\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151 +\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056 +\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155 +\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106 +\056\040\040\102\055\066\060\071\062\071\064\065\062\061\057\060 +\055\006\003\125\004\013\023\046\111\120\123\040\103\101\040\103 +\114\101\123\105\101\063\040\103\145\162\164\151\146\151\143\141 +\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\057 +\060\055\006\003\125\004\003\023\046\111\120\123\040\103\101\040 +\103\114\101\123\105\101\063\040\103\145\162\164\151\146\151\143 +\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061 +\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017 +\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\060 +\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005 +\000\003\201\215\000\060\201\211\002\201\201\000\356\200\000\366 +\032\144\056\255\152\310\203\261\213\247\356\217\331\266\333\315 +\033\273\206\006\042\166\063\014\022\155\110\126\141\322\334\202 +\045\142\057\237\322\151\060\145\003\102\043\130\274\107\334\153 +\326\165\135\027\074\341\377\362\130\147\171\240\301\201\261\324 +\126\242\362\215\021\231\375\366\175\361\307\304\136\002\052\232 +\342\112\265\023\212\000\375\214\167\206\346\327\224\365\040\165 +\056\016\114\277\164\304\077\201\076\203\264\243\070\066\051\347 +\350\052\365\214\210\101\252\200\246\343\154\357\002\003\001\000 +\001\243\202\004\123\060\202\004\117\060\035\006\003\125\035\016 +\004\026\004\024\036\237\127\120\107\266\141\223\071\323\054\374 +\332\135\075\005\165\267\231\002\060\202\001\106\006\003\125\035 +\043\004\202\001\075\060\202\001\071\200\024\036\237\127\120\107 +\266\141\223\071\323\054\374\332\135\075\005\165\267\231\002\241 +\202\001\034\244\202\001\030\060\202\001\024\061\013\060\011\006 +\003\125\004\006\023\002\105\123\061\022\060\020\006\003\125\004 +\010\023\011\102\141\162\143\145\154\157\156\141\061\022\060\020 +\006\003\125\004\007\023\011\102\141\162\143\145\154\157\156\141 +\061\056\060\054\006\003\125\004\012\023\045\111\120\123\040\111 +\156\164\145\162\156\145\164\040\160\165\142\154\151\163\150\151 +\156\147\040\123\145\162\166\151\143\145\163\040\163\056\154\056 +\061\053\060\051\006\003\125\004\012\024\042\151\160\163\100\155 +\141\151\154\056\151\160\163\056\145\163\040\103\056\111\056\106 +\056\040\040\102\055\066\060\071\062\071\064\065\062\061\057\060 +\055\006\003\125\004\013\023\046\111\120\123\040\103\101\040\103 +\114\101\123\105\101\063\040\103\145\162\164\151\146\151\143\141 +\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\057 +\060\055\006\003\125\004\003\023\046\111\120\123\040\103\101\040 +\103\114\101\123\105\101\063\040\103\145\162\164\151\146\151\143 +\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061 +\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026\017 +\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163\202 +\001\000\060\014\006\003\125\035\023\004\005\060\003\001\001\377 +\060\014\006\003\125\035\017\004\005\003\003\007\377\200\060\153 +\006\003\125\035\045\004\144\060\142\006\010\053\006\001\005\005 +\007\003\001\006\010\053\006\001\005\005\007\003\002\006\010\053 +\006\001\005\005\007\003\003\006\010\053\006\001\005\005\007\003 +\004\006\010\053\006\001\005\005\007\003\010\006\012\053\006\001 +\004\001\202\067\002\001\025\006\012\053\006\001\004\001\202\067 +\002\001\026\006\012\053\006\001\004\001\202\067\012\003\001\006 +\012\053\006\001\004\001\202\067\012\003\004\060\021\006\011\140 +\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\032 +\006\003\125\035\021\004\023\060\021\201\017\151\160\163\100\155 +\141\151\154\056\151\160\163\056\145\163\060\032\006\003\125\035 +\022\004\023\060\021\201\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163\060\102\006\011\140\206\110\001\206\370 +\102\001\015\004\065\026\063\103\114\101\123\105\101\063\040\103 +\101\040\103\145\162\164\151\146\151\143\141\164\145\040\151\163 +\163\165\145\144\040\142\171\040\150\164\164\160\072\057\057\167 +\167\167\056\151\160\163\056\145\163\057\060\051\006\011\140\206 +\110\001\206\370\102\001\002\004\034\026\032\150\164\164\160\072 +\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163 +\062\060\060\062\057\060\073\006\011\140\206\110\001\206\370\102 +\001\004\004\056\026\054\150\164\164\160\072\057\057\167\167\167 +\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057 +\151\160\163\062\060\060\062\103\114\101\123\105\101\063\056\143 +\162\154\060\100\006\011\140\206\110\001\206\370\102\001\003\004 +\063\026\061\150\164\164\160\072\057\057\167\167\167\056\151\160 +\163\056\145\163\057\151\160\163\062\060\060\062\057\162\145\166 +\157\143\141\164\151\157\156\103\114\101\123\105\101\063\056\150 +\164\155\154\077\060\075\006\011\140\206\110\001\206\370\102\001 +\007\004\060\026\056\150\164\164\160\072\057\057\167\167\167\056 +\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057\162 +\145\156\145\167\141\154\103\114\101\123\105\101\063\056\150\164 +\155\154\077\060\073\006\011\140\206\110\001\206\370\102\001\010 +\004\056\026\054\150\164\164\160\072\057\057\167\167\167\056\151 +\160\163\056\145\163\057\151\160\163\062\060\060\062\057\160\157 +\154\151\143\171\103\114\101\123\105\101\063\056\150\164\155\154 +\060\165\006\003\125\035\037\004\156\060\154\060\062\240\060\240 +\056\206\054\150\164\164\160\072\057\057\167\167\167\056\151\160 +\163\056\145\163\057\151\160\163\062\060\060\062\057\151\160\163 +\062\060\060\062\103\114\101\123\105\101\063\056\143\162\154\060 +\066\240\064\240\062\206\060\150\164\164\160\072\057\057\167\167 +\167\142\141\143\153\056\151\160\163\056\145\163\057\151\160\163 +\062\060\060\062\057\151\160\163\062\060\060\062\103\114\101\123 +\105\101\063\056\143\162\154\060\057\006\010\053\006\001\005\005 +\007\001\001\004\043\060\041\060\037\006\010\053\006\001\005\005 +\007\060\001\206\023\150\164\164\160\072\057\057\157\143\163\160 +\056\151\160\163\056\145\163\057\060\015\006\011\052\206\110\206 +\367\015\001\001\005\005\000\003\201\201\000\112\075\040\107\032 +\332\211\364\172\053\061\171\354\001\300\314\001\365\326\301\374 +\310\303\363\120\002\121\220\130\052\237\347\065\011\133\060\012 +\201\000\045\107\257\324\017\016\236\140\046\250\225\247\203\010 +\337\055\254\351\016\367\234\310\237\313\223\105\361\272\152\306 +\147\121\112\151\117\153\376\175\013\057\122\051\302\120\255\044 +\104\355\043\263\110\313\104\100\301\003\225\014\012\170\006\022 +\001\365\221\061\055\111\215\273\077\105\116\054\340\350\315\265 +\311\024\025\014\343\007\203\233\046\165\357 +END + +# Trust for Certificate "IPS CLASEA3 root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS CLASEA3 root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\026\324\044\376\226\020\341\165\031\257\043\053\266\207\164\342 +\101\104\276\156 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\006\371\353\354\314\126\235\210\272\220\365\272\260\032\340\002 +END +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\057\060\055\006\003\125\004\013\023 +\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\057\060\055\006\003\125\004\003 +\023\046\111\120\123\040\103\101\040\103\114\101\123\105\101\063 +\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101 +\165\164\150\157\162\151\164\171\061\036\060\034\006\011\052\206 +\110\206\367\015\001\011\001\026\017\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "IPS Servidores root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS Servidores root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\201\243\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\101\122\103\105 +\114\117\116\101\061\022\060\020\006\003\125\004\007\023\011\102 +\101\122\103\105\114\117\116\101\061\031\060\027\006\003\125\004 +\012\023\020\111\120\123\040\123\145\147\165\162\151\144\141\144 +\040\103\101\061\030\060\026\006\003\125\004\013\023\017\103\145 +\162\164\151\146\151\143\141\143\151\157\156\145\163\061\027\060 +\025\006\003\125\004\003\023\016\111\120\123\040\123\105\122\126 +\111\104\117\122\105\123\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\201\243\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\101\122\103\105 +\114\117\116\101\061\022\060\020\006\003\125\004\007\023\011\102 +\101\122\103\105\114\117\116\101\061\031\060\027\006\003\125\004 +\012\023\020\111\120\123\040\123\145\147\165\162\151\144\141\144 +\040\103\101\061\030\060\026\006\003\125\004\013\023\017\103\145 +\162\164\151\146\151\143\141\143\151\157\156\145\163\061\027\060 +\025\006\003\125\004\003\023\016\111\120\123\040\123\105\122\126 +\111\104\117\122\105\123\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\002\267\060\202\002\040\002\001\000\060\015\006\011\052 +\206\110\206\367\015\001\001\004\005\000\060\201\243\061\013\060 +\011\006\003\125\004\006\023\002\105\123\061\022\060\020\006\003 +\125\004\010\023\011\102\101\122\103\105\114\117\116\101\061\022 +\060\020\006\003\125\004\007\023\011\102\101\122\103\105\114\117 +\116\101\061\031\060\027\006\003\125\004\012\023\020\111\120\123 +\040\123\145\147\165\162\151\144\141\144\040\103\101\061\030\060 +\026\006\003\125\004\013\023\017\103\145\162\164\151\146\151\143 +\141\143\151\157\156\145\163\061\027\060\025\006\003\125\004\003 +\023\016\111\120\123\040\123\105\122\126\111\104\117\122\105\123 +\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001\026 +\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145\163 +\060\036\027\015\071\070\060\061\060\061\062\063\062\061\060\067 +\132\027\015\060\071\061\062\062\071\062\063\062\061\060\067\132 +\060\201\243\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\101\122\103\105 +\114\117\116\101\061\022\060\020\006\003\125\004\007\023\011\102 +\101\122\103\105\114\117\116\101\061\031\060\027\006\003\125\004 +\012\023\020\111\120\123\040\123\145\147\165\162\151\144\141\144 +\040\103\101\061\030\060\026\006\003\125\004\013\023\017\103\145 +\162\164\151\146\151\143\141\143\151\157\156\145\163\061\027\060 +\025\006\003\125\004\003\023\016\111\120\123\040\123\105\122\126 +\111\104\117\122\105\123\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163\060\201\237\060\015\006\011\052\206\110 +\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002 +\201\201\000\254\117\122\164\237\071\352\216\334\045\304\274\230 +\135\230\144\044\011\074\041\263\314\031\265\216\224\216\207\321 +\370\067\076\241\310\055\130\244\200\065\133\241\165\154\035\105 +\014\037\141\143\152\136\157\233\012\114\301\310\270\141\043\065 +\201\377\376\254\170\160\055\150\341\072\007\230\225\002\124\335 +\315\043\267\200\123\327\310\067\105\162\006\044\022\272\023\141 +\041\212\156\165\050\340\305\017\064\375\066\330\105\177\341\270 +\066\357\263\341\306\040\216\350\264\070\274\341\076\366\021\336 +\214\235\001\002\003\001\000\001\060\015\006\011\052\206\110\206 +\367\015\001\001\004\005\000\003\201\201\000\054\363\303\171\130 +\044\336\306\073\321\340\102\151\270\356\144\263\075\142\001\271 +\263\204\337\043\175\335\230\317\020\251\376\000\330\042\226\005 +\023\007\124\127\305\247\336\313\331\270\210\102\366\231\333\024 +\167\037\266\376\045\075\341\242\076\003\251\201\322\055\154\107 +\365\226\106\214\042\253\310\314\015\016\227\136\213\101\264\073 +\304\012\006\100\035\335\106\364\001\335\272\202\056\074\075\170 +\160\236\174\030\320\253\370\270\167\007\106\161\361\312\013\143 +\134\152\371\162\224\325\001\117\240\333\102 +END + +# Trust for Certificate "IPS Servidores root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS Servidores root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\044\272\155\154\212\133\130\067\244\215\265\372\351\031\352\147 +\134\224\322\027 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\173\265\010\231\232\214\030\277\205\047\175\016\256\332\262\253 +END +CKA_ISSUER MULTILINE_OCTAL +\060\201\243\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\101\122\103\105 +\114\117\116\101\061\022\060\020\006\003\125\004\007\023\011\102 +\101\122\103\105\114\117\116\101\061\031\060\027\006\003\125\004 +\012\023\020\111\120\123\040\123\145\147\165\162\151\144\141\144 +\040\103\101\061\030\060\026\006\003\125\004\013\023\017\103\145 +\162\164\151\146\151\143\141\143\151\157\156\145\163\061\027\060 +\025\006\003\125\004\003\023\016\111\120\123\040\123\105\122\126 +\111\104\117\122\105\123\061\036\060\034\006\011\052\206\110\206 +\367\015\001\011\001\026\017\151\160\163\100\155\141\151\154\056 +\151\160\163\056\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR + +# +# Certificate "IPS Timestamping root" +# +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS Timestamping root" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\064\060\062\006\003\125\004\013\023 +\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141\155 +\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164\151 +\157\156\040\101\165\164\150\157\162\151\164\171\061\064\060\062 +\006\003\125\004\003\023\053\111\120\123\040\103\101\040\124\151 +\155\145\163\164\141\155\160\151\156\147\040\103\145\162\164\151 +\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151 +\164\171\061\036\060\034\006\011\052\206\110\206\367\015\001\011 +\001\026\017\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\064\060\062\006\003\125\004\013\023 +\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141\155 +\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164\151 +\157\156\040\101\165\164\150\157\162\151\164\171\061\064\060\062 +\006\003\125\004\003\023\053\111\120\123\040\103\101\040\124\151 +\155\145\163\164\141\155\160\151\156\147\040\103\145\162\164\151 +\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151 +\164\171\061\036\060\034\006\011\052\206\110\206\367\015\001\011 +\001\026\017\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\010\070\060\202\007\241\240\003\002\001\002\002\001\000 +\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 +\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105\123 +\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143\145 +\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011\102 +\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125\004 +\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164\040 +\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166\151 +\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125\004 +\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060\071 +\062\071\064\065\062\061\064\060\062\006\003\125\004\013\023\053 +\111\120\123\040\103\101\040\124\151\155\145\163\164\141\155\160 +\151\156\147\040\103\145\162\164\151\146\151\143\141\164\151\157 +\156\040\101\165\164\150\157\162\151\164\171\061\064\060\062\006 +\003\125\004\003\023\053\111\120\123\040\103\101\040\124\151\155 +\145\163\164\141\155\160\151\156\147\040\103\145\162\164\151\146 +\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164 +\171\061\036\060\034\006\011\052\206\110\206\367\015\001\011\001 +\026\017\151\160\163\100\155\141\151\154\056\151\160\163\056\145 +\163\060\036\027\015\060\061\061\062\062\071\060\061\061\060\061 +\070\132\027\015\062\065\061\062\062\067\060\061\061\060\061\070 +\132\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002 +\105\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162 +\143\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023 +\011\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003 +\125\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145 +\164\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162 +\166\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003 +\125\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160 +\163\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066 +\060\071\062\071\064\065\062\061\064\060\062\006\003\125\004\013 +\023\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141 +\155\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164 +\151\157\156\040\101\165\164\150\157\162\151\164\171\061\064\060 +\062\006\003\125\004\003\023\053\111\120\123\040\103\101\040\124 +\151\155\145\163\164\141\155\160\151\156\147\040\103\145\162\164 +\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162 +\151\164\171\061\036\060\034\006\011\052\206\110\206\367\015\001 +\011\001\026\017\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\060\201\237\060\015\006\011\052\206\110\206\367\015 +\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000 +\274\270\356\126\245\232\214\346\066\311\302\142\240\146\201\215 +\032\325\172\322\163\237\016\204\144\272\225\264\220\247\170\257 +\312\376\124\141\133\316\262\040\127\001\256\104\222\103\020\070 +\021\367\150\374\027\100\245\150\047\062\073\304\247\346\102\161 +\305\231\357\166\377\053\225\044\365\111\222\030\150\312\000\265 +\244\132\057\156\313\326\033\054\015\124\147\153\172\051\241\130 +\253\242\132\000\326\133\273\030\302\337\366\036\023\126\166\233 +\245\150\342\230\316\306\003\212\064\333\114\203\101\246\251\243 +\002\003\001\000\001\243\202\004\200\060\202\004\174\060\035\006 +\003\125\035\016\004\026\004\024\213\320\020\120\011\201\362\235 +\011\325\016\140\170\003\042\242\077\310\312\146\060\202\001\120 +\006\003\125\035\043\004\202\001\107\060\202\001\103\200\024\213 +\320\020\120\011\201\362\235\011\325\016\140\170\003\042\242\077 +\310\312\146\241\202\001\046\244\202\001\042\060\202\001\036\061 +\013\060\011\006\003\125\004\006\023\002\105\123\061\022\060\020 +\006\003\125\004\010\023\011\102\141\162\143\145\154\157\156\141 +\061\022\060\020\006\003\125\004\007\023\011\102\141\162\143\145 +\154\157\156\141\061\056\060\054\006\003\125\004\012\023\045\111 +\120\123\040\111\156\164\145\162\156\145\164\040\160\165\142\154 +\151\163\150\151\156\147\040\123\145\162\166\151\143\145\163\040 +\163\056\154\056\061\053\060\051\006\003\125\004\012\024\042\151 +\160\163\100\155\141\151\154\056\151\160\163\056\145\163\040\103 +\056\111\056\106\056\040\040\102\055\066\060\071\062\071\064\065 +\062\061\064\060\062\006\003\125\004\013\023\053\111\120\123\040 +\103\101\040\124\151\155\145\163\164\141\155\160\151\156\147\040 +\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165 +\164\150\157\162\151\164\171\061\064\060\062\006\003\125\004\003 +\023\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141 +\155\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164 +\151\157\156\040\101\165\164\150\157\162\151\164\171\061\036\060 +\034\006\011\052\206\110\206\367\015\001\011\001\026\017\151\160 +\163\100\155\141\151\154\056\151\160\163\056\145\163\202\001\000 +\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060\014 +\006\003\125\035\017\004\005\003\003\007\377\200\060\153\006\003 +\125\035\045\004\144\060\142\006\010\053\006\001\005\005\007\003 +\001\006\010\053\006\001\005\005\007\003\002\006\010\053\006\001 +\005\005\007\003\003\006\010\053\006\001\005\005\007\003\004\006 +\010\053\006\001\005\005\007\003\010\006\012\053\006\001\004\001 +\202\067\002\001\025\006\012\053\006\001\004\001\202\067\002\001 +\026\006\012\053\006\001\004\001\202\067\012\003\001\006\012\053 +\006\001\004\001\202\067\012\003\004\060\021\006\011\140\206\110 +\001\206\370\102\001\001\004\004\003\002\000\007\060\032\006\003 +\125\035\021\004\023\060\021\201\017\151\160\163\100\155\141\151 +\154\056\151\160\163\056\145\163\060\032\006\003\125\035\022\004 +\023\060\021\201\017\151\160\163\100\155\141\151\154\056\151\160 +\163\056\145\163\060\107\006\011\140\206\110\001\206\370\102\001 +\015\004\072\026\070\124\151\155\145\163\164\141\155\160\151\156 +\147\040\103\101\040\103\145\162\164\151\146\151\143\141\164\145 +\040\151\163\163\165\145\144\040\142\171\040\150\164\164\160\072 +\057\057\167\167\167\056\151\160\163\056\145\163\057\060\051\006 +\011\140\206\110\001\206\370\102\001\002\004\034\026\032\150\164 +\164\160\072\057\057\167\167\167\056\151\160\163\056\145\163\057 +\151\160\163\062\060\060\062\057\060\100\006\011\140\206\110\001 +\206\370\102\001\004\004\063\026\061\150\164\164\160\072\057\057 +\167\167\167\056\151\160\163\056\145\163\057\151\160\163\062\060 +\060\062\057\151\160\163\062\060\060\062\124\151\155\145\163\164 +\141\155\160\151\156\147\056\143\162\154\060\105\006\011\140\206 +\110\001\206\370\102\001\003\004\070\026\066\150\164\164\160\072 +\057\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163 +\062\060\060\062\057\162\145\166\157\143\141\164\151\157\156\124 +\151\155\145\163\164\141\155\160\151\156\147\056\150\164\155\154 +\077\060\102\006\011\140\206\110\001\206\370\102\001\007\004\065 +\026\063\150\164\164\160\072\057\057\167\167\167\056\151\160\163 +\056\145\163\057\151\160\163\062\060\060\062\057\162\145\156\145 +\167\141\154\124\151\155\145\163\164\141\155\160\151\156\147\056 +\150\164\155\154\077\060\100\006\011\140\206\110\001\206\370\102 +\001\010\004\063\026\061\150\164\164\160\072\057\057\167\167\167 +\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062\057 +\160\157\154\151\143\171\124\151\155\145\163\164\141\155\160\151 +\156\147\056\150\164\155\154\060\177\006\003\125\035\037\004\170 +\060\166\060\067\240\065\240\063\206\061\150\164\164\160\072\057 +\057\167\167\167\056\151\160\163\056\145\163\057\151\160\163\062 +\060\060\062\057\151\160\163\062\060\060\062\124\151\155\145\163 +\164\141\155\160\151\156\147\056\143\162\154\060\073\240\071\240 +\067\206\065\150\164\164\160\072\057\057\167\167\167\142\141\143 +\153\056\151\160\163\056\145\163\057\151\160\163\062\060\060\062 +\057\151\160\163\062\060\060\062\124\151\155\145\163\164\141\155 +\160\151\156\147\056\143\162\154\060\057\006\010\053\006\001\005 +\005\007\001\001\004\043\060\041\060\037\006\010\053\006\001\005 +\005\007\060\001\206\023\150\164\164\160\072\057\057\157\143\163 +\160\056\151\160\163\056\145\163\057\060\015\006\011\052\206\110 +\206\367\015\001\001\005\005\000\003\201\201\000\145\272\301\314 +\000\032\225\221\312\351\154\072\277\072\036\024\010\174\373\203 +\356\153\142\121\323\063\221\265\140\171\176\004\330\135\171\067 +\350\303\133\260\304\147\055\150\132\262\137\016\012\372\315\077 +\072\105\241\352\066\317\046\036\247\021\050\305\224\217\204\114 +\123\010\305\223\263\374\342\177\365\215\363\261\251\205\137\210 +\336\221\226\356\027\133\256\245\352\160\145\170\054\041\144\001 +\225\316\316\114\076\120\364\266\131\313\143\215\266\275\030\324 +\207\112\137\334\357\351\126\360\012\014\350\165 +END + +# Trust for Certificate "IPS Timestamping root" +CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "IPS Timestamping root" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\226\231\134\167\021\350\345\055\371\343\113\354\354\147\323\313 +\361\266\304\322 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\056\003\375\305\365\327\053\224\144\301\276\211\061\361\026\233 +END +CKA_ISSUER MULTILINE_OCTAL +\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105 +\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143 +\145\154\157\156\141\061\022\060\020\006\003\125\004\007\023\011 +\102\141\162\143\145\154\157\156\141\061\056\060\054\006\003\125 +\004\012\023\045\111\120\123\040\111\156\164\145\162\156\145\164 +\040\160\165\142\154\151\163\150\151\156\147\040\123\145\162\166 +\151\143\145\163\040\163\056\154\056\061\053\060\051\006\003\125 +\004\012\024\042\151\160\163\100\155\141\151\154\056\151\160\163 +\056\145\163\040\103\056\111\056\106\056\040\040\102\055\066\060 +\071\062\071\064\065\062\061\064\060\062\006\003\125\004\013\023 +\053\111\120\123\040\103\101\040\124\151\155\145\163\164\141\155 +\160\151\156\147\040\103\145\162\164\151\146\151\143\141\164\151 +\157\156\040\101\165\164\150\157\162\151\164\171\061\064\060\062 +\006\003\125\004\003\023\053\111\120\123\040\103\101\040\124\151 +\155\145\163\164\141\155\160\151\156\147\040\103\145\162\164\151 +\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151 +\164\171\061\036\060\034\006\011\052\206\110\206\367\015\001\011 +\001\026\017\151\160\163\100\155\141\151\154\056\151\160\163\056 +\145\163 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\001\000 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR diff --git a/security/nss/lib/ckfw/builtins/config.mk b/security/nss/lib/ckfw/builtins/config.mk index f4d64b0f0..e816baaa2 100644 --- a/security/nss/lib/ckfw/builtins/config.mk +++ b/security/nss/lib/ckfw/builtins/config.mk @@ -42,8 +42,10 @@ LIBRARY = IMPORT_LIBRARY = PROGRAM = -ifeq (,$(filter-out OS2 WIN%,$(OS_TARGET))) +ifeq (,$(filter-out WIN%,$(OS_TARGET))) SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) + RES = $(OBJDIR)/$(LIBRARY_NAME).res + RESNAME = $(LIBRARY_NAME).rc endif ifdef BUILD_IDG @@ -56,3 +58,10 @@ endif ifeq ($(OS_TARGET),Darwin) DSO_LDOPTS = -bundle endif + +ifeq ($(OS_TARGET),SunOS) +# The -R '$ORIGIN' linker option instructs this library to search for its +# dependencies in the same directory where it resides. +MKSHLIB += -R '$$ORIGIN' +endif + diff --git a/security/nss/lib/ckfw/builtins/manifest.mn b/security/nss/lib/ckfw/builtins/manifest.mn index 86a794fbd..5a3813fd4 100644 --- a/security/nss/lib/ckfw/builtins/manifest.mn +++ b/security/nss/lib/ckfw/builtins/manifest.mn @@ -51,6 +51,7 @@ CSRCS = \ bslot.c \ btoken.c \ certdata.c \ + ckbiver.c \ $(NULL) REQUIRES = nspr diff --git a/security/nss/lib/ckfw/builtins/nssckbi.h b/security/nss/lib/ckfw/builtins/nssckbi.h index 1354854aa..6184711a4 100644 --- a/security/nss/lib/ckfw/builtins/nssckbi.h +++ b/security/nss/lib/ckfw/builtins/nssckbi.h @@ -41,22 +41,44 @@ * this release on NSS. To determine the version numbers of the builtin * module you are using, use the appropriate PKCS #11 calls. * - * These version number details changes to the PKCS #11 interface. They map + * These version numbers detail changes to the PKCS #11 interface. They map * to the PKCS #11 spec versions. */ #define NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR 2 #define NSS_BUILTINS_CRYPTOKI_VERSION_MINOR 1 -/* These are the correct verion numbers that details the changes - * to the list of trusted certificates. */ +/* These version numbers detail the changes + * to the list of trusted certificates. + * + * The NSS_BUILTINS_LIBRARY_VERSION_MINOR macro needs to be bumped + * for each NSS minor release AND whenever we change the list of + * trusted certificates. 10 minor versions are allocated for each + * NSS 3.x branch as follows, allowing us to change the list of + * trusted certificates up to 9 times on each branch. + * - NSS 3.5 branch: 3-9 + * - NSS 3.6 branch: 10-19 + * - NSS 3.7 branch: 20-29 + * - NSS 3.8 branch: 30-39 + * - NSS 3.9 branch: 40-49 + * - NSS 3.10 branch: 50-59 + * ... + * - NSS 3.14 branch: 90-99 + * ... + * - NSS 3.30 branch: 250-255 + * + * NSS_BUILTINS_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear + * whether we may use its full range (0-255) or only 0-99 because + * of the comment in the CK_VERSION type definition. + */ #define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1 -#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 40 +#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 41 +#define NSS_BUILTINS_LIBRARY_VERSION "1.41" -/* These verion numbers that details the semantic changes to the ckfw engine. */ +/* These version numbers detail the semantic changes to the ckfw engine. */ #define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1 #define NSS_BUILTINS_HARDWARE_VERSION_MINOR 0 -/* These verion numbers that details the semantic changes to ckbi itself +/* These version numbers detail the semantic changes to ckbi itself * (new PKCS #11 objects), etc. */ #define NSS_BUILTINS_FIRMWARE_VERSION_MAJOR 1 #define NSS_BUILTINS_FIRMWARE_VERSION_MINOR 0 diff --git a/security/nss/lib/ckfw/ckfw.h b/security/nss/lib/ckfw/ckfw.h index 2e83f8c35..719b6fa4a 100644 --- a/security/nss/lib/ckfw/ckfw.h +++ b/security/nss/lib/ckfw/ckfw.h @@ -107,6 +107,7 @@ NSS_EXTERN NSSCKFWInstance * nssCKFWInstance_Create ( CK_C_INITIALIZE_ARGS_PTR pInitArgs, + CryptokiLockingState LockingState, NSSCKMDInstance *mdInstance, CK_RV *pError ); @@ -1821,6 +1822,7 @@ NSS_EXTERN NSSCKFWMutex * nssCKFWMutex_Create ( CK_C_INITIALIZE_ARGS_PTR pInitArgs, + CryptokiLockingState LockingState, NSSArena *arena, CK_RV *pError ); diff --git a/security/nss/lib/ckfw/ckfwm.h b/security/nss/lib/ckfw/ckfwm.h index 615efe2b6..8940cdc96 100644 --- a/security/nss/lib/ckfw/ckfwm.h +++ b/security/nss/lib/ckfw/ckfwm.h @@ -158,9 +158,10 @@ nssCKFWHash_Iterate void *closure ); -NSS_EXTERN void +NSS_EXTERN CK_RV nssSetLockArgs( - CK_C_INITIALIZE_ARGS_PTR pInitArgs + CK_C_INITIALIZE_ARGS_PTR pInitArgs, + CryptokiLockingState* returned ); diff --git a/security/nss/lib/ckfw/instance.c b/security/nss/lib/ckfw/instance.c index 103726573..93011b30d 100644 --- a/security/nss/lib/ckfw/instance.c +++ b/security/nss/lib/ckfw/instance.c @@ -97,6 +97,8 @@ struct NSSCKFWInstanceStr { NSSArena *arena; NSSCKMDInstance *mdInstance; CK_C_INITIALIZE_ARGS_PTR pInitArgs; + CK_C_INITIALIZE_ARGS initArgs; + CryptokiLockingState LockingState; CK_BBOOL mayCreatePthreads; NSSUTF8 *configurationData; CK_ULONG nSlots; @@ -188,6 +190,7 @@ NSS_IMPLEMENT NSSCKFWInstance * nssCKFWInstance_Create ( CK_C_INITIALIZE_ARGS_PTR pInitArgs, + CryptokiLockingState LockingState, NSSCKMDInstance *mdInstance, CK_RV *pError ) @@ -221,9 +224,11 @@ nssCKFWInstance_Create fwInstance->arena = arena; fwInstance->mdInstance = mdInstance; - fwInstance->pInitArgs = pInitArgs; + fwInstance->LockingState = LockingState; if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) { + fwInstance->initArgs = *pInitArgs; + fwInstance->pInitArgs = &fwInstance->initArgs; if( pInitArgs->flags & CKF_LIBRARY_CANT_CREATE_OS_THREADS ) { fwInstance->mayCreatePthreads = CK_FALSE; } else { @@ -234,7 +239,8 @@ nssCKFWInstance_Create fwInstance->mayCreatePthreads = CK_TRUE; } - fwInstance->mutex = nssCKFWMutex_Create(pInitArgs, arena, pError); + fwInstance->mutex = nssCKFWMutex_Create(pInitArgs, LockingState, arena, + pError); if( (NSSCKFWMutex *)NULL == fwInstance->mutex ) { if( CKR_OK == *pError ) { *pError = CKR_GENERAL_ERROR; @@ -358,7 +364,9 @@ nssCKFWInstance_Create } } - (void)NSSArena_Destroy(arena); + if (arena) { + (void)NSSArena_Destroy(arena); + } return (NSSCKFWInstance *)NULL; } @@ -499,7 +507,8 @@ nssCKFWInstance_CreateMutex } #endif /* NSSDEBUG */ - mutex = nssCKFWMutex_Create(fwInstance->pInitArgs, arena, pError); + mutex = nssCKFWMutex_Create(fwInstance->pInitArgs, fwInstance->LockingState, + arena, pError); if( (NSSCKFWMutex *)NULL == mutex ) { if( CKR_OK == *pError ) { *pError = CKR_GENERAL_ERROR; diff --git a/security/nss/lib/ckfw/mutex.c b/security/nss/lib/ckfw/mutex.c index 789616683..15308fe5b 100644 --- a/security/nss/lib/ckfw/mutex.c +++ b/security/nss/lib/ckfw/mutex.c @@ -129,79 +129,40 @@ NSS_EXTERN NSSCKFWMutex * nssCKFWMutex_Create ( CK_C_INITIALIZE_ARGS_PTR pInitArgs, + CryptokiLockingState LockingState, NSSArena *arena, CK_RV *pError ) { NSSCKFWMutex *mutex; - CK_ULONG count = (CK_ULONG)0; - CK_BBOOL os_ok = CK_FALSE; - - if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) { - if( (CK_CREATEMUTEX )NULL != pInitArgs->CreateMutex ) count++; - if( (CK_DESTROYMUTEX)NULL != pInitArgs->DestroyMutex ) count++; - if( (CK_LOCKMUTEX )NULL != pInitArgs->LockMutex ) count++; - if( (CK_UNLOCKMUTEX )NULL != pInitArgs->UnlockMutex ) count++; - os_ok = (pInitArgs->flags & CKF_OS_LOCKING_OK) ? CK_TRUE : CK_FALSE; - - if( (0 != count) && (4 != count) ) { - *pError = CKR_ARGUMENTS_BAD; - return (NSSCKFWMutex *)NULL; - } - } - - if( (0 == count) && (CK_TRUE == os_ok) ) { - /* - * This is case #2 in the description of C_Initialize: - * The library will be called in a multithreaded way, but - * no routines were specified: os locking calls should be - * used. Unfortunately, this can be hard.. like, I think - * I may have to dynamically look up the entry points in - * the instance of NSPR already going in the application. - * - * I know that *we* always specify routines, so this only - * comes up if someone is using NSS to create their own - * PCKS#11 modules for other products. Oh, heck, I'll - * worry about this then. - */ - *pError = CKR_CANT_LOCK; - return (NSSCKFWMutex *)NULL; - } - + mutex = nss_ZNEW(arena, NSSCKFWMutex); if( (NSSCKFWMutex *)NULL == mutex ) { *pError = CKR_HOST_MEMORY; return (NSSCKFWMutex *)NULL; } - if( 0 == count ) { - /* - * With the above test out of the way, we know this is case - * #1 in the description of C_Initialize: this library will - * not be called in a multithreaded way. I'll just return - * an object with noop calls. - */ - - mutex->Destroy = (CK_DESTROYMUTEX)mutex_noop; - mutex->Lock = (CK_LOCKMUTEX )mutex_noop; - mutex->Unlock = (CK_UNLOCKMUTEX )mutex_noop; - } else { - /* - * We know that we're in either case #3 or #4 in the description - * of C_Initialize. Case #3 says we should use the specified - * functions, case #4 cays we can use either the specified ones - * or the OS ones. I'll use the specified ones. - */ - - mutex->Destroy = pInitArgs->DestroyMutex; - mutex->Lock = pInitArgs->LockMutex; - mutex->Unlock = pInitArgs->UnlockMutex; + switch (LockingState) + { + default: + case SingleThreaded: + *pError = CKR_OK; + mutex->Destroy = (CK_DESTROYMUTEX)mutex_noop; + mutex->Lock = (CK_LOCKMUTEX )mutex_noop; + mutex->Unlock = (CK_UNLOCKMUTEX )mutex_noop; + break; + + case MultiThreaded: + *pError = pInitArgs->CreateMutex(&mutex->etc); + mutex->Destroy = pInitArgs->DestroyMutex; + mutex->Lock = pInitArgs->LockMutex; + mutex->Unlock = pInitArgs->UnlockMutex; + break; + } - *pError = pInitArgs->CreateMutex(&mutex->etc); - if( CKR_OK != *pError ) { - (void)nss_ZFreeIf(mutex); - return (NSSCKFWMutex *)NULL; - } + if( CKR_OK != *pError ) { + (void)nss_ZFreeIf(mutex); + return (NSSCKFWMutex *)NULL; } #ifdef DEBUG @@ -343,3 +304,4 @@ NSSCKFWMutex_Unlock return nssCKFWMutex_Unlock(mutex); } + diff --git a/security/nss/lib/ckfw/nsprstub.c b/security/nss/lib/ckfw/nsprstub.c index 0801023d4..68549357f 100644 --- a/security/nss/lib/ckfw/nsprstub.c +++ b/security/nss/lib/ckfw/nsprstub.c @@ -345,15 +345,76 @@ PR_IMPLEMENT(PRInt32) PR_AtomicSet(PRInt32 *val) { return ++(*val); } PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); } #endif /* ! (WIN32 && GCC) */ -CK_C_INITIALIZE_ARGS_PTR nssstub_initArgs = NULL; -NSSArena *nssstub_arena = NULL; -PR_IMPLEMENT(void) -nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs) +static CK_C_INITIALIZE_ARGS_PTR nssstub_pInitArgs = NULL; +static CK_C_INITIALIZE_ARGS nssstub_initArgs; +static NSSArena *nssstub_arena = NULL; +static CryptokiLockingState nssstub_LockingState = SingleThreaded; + +PR_IMPLEMENT(CK_RV) +nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs, CryptokiLockingState* returned) { - if (nssstub_initArgs == NULL) { - nssstub_initArgs = pInitArgs; + CK_ULONG count = (CK_ULONG)0; + CK_BBOOL os_ok = CK_FALSE; + CK_RV rv = CKR_OK; + if (nssstub_pInitArgs == NULL) { + if (pInitArgs != NULL) { + nssstub_initArgs = *pInitArgs; + nssstub_pInitArgs = &nssstub_initArgs; + if( (CK_CREATEMUTEX )NULL != pInitArgs->CreateMutex ) count++; + if( (CK_DESTROYMUTEX)NULL != pInitArgs->DestroyMutex ) count++; + if( (CK_LOCKMUTEX )NULL != pInitArgs->LockMutex ) count++; + if( (CK_UNLOCKMUTEX )NULL != pInitArgs->UnlockMutex ) count++; + os_ok = (pInitArgs->flags & CKF_OS_LOCKING_OK) ? CK_TRUE : CK_FALSE; + + if( (0 != count) && (4 != count) ) { + rv = CKR_ARGUMENTS_BAD; + goto loser; + } + } else { + nssstub_pInitArgs = pInitArgs; + } /* nssstub_arena = NSSArena_Create(); */ } + + if( (0 == count) && (CK_TRUE == os_ok) ) { + /* + * This is case #2 in the description of C_Initialize: + * The library will be called in a multithreaded way, but + * no routines were specified: os locking calls should be + * used. Unfortunately, this can be hard.. like, I think + * I may have to dynamically look up the entry points in + * the instance of NSPR already going in the application. + * + * I know that *we* always specify routines, so this only + * comes up if someone is using NSS to create their own + * PCKS#11 modules for other products. Oh, heck, I'll + * worry about this then. + */ + rv = CKR_CANT_LOCK; + goto loser; + } + + if( 0 == count ) { + /* + * With the above test out of the way, we know this is case + * #1 in the description of C_Initialize: this library will + * not be called in a multithreaded way. + */ + + nssstub_LockingState = SingleThreaded; + } else { + /* + * We know that we're in either case #3 or #4 in the description + * of C_Initialize. Case #3 says we should use the specified + * functions, case #4 cays we can use either the specified ones + * or the OS ones. I'll use the specified ones. + */ + nssstub_LockingState = MultiThreaded; + } + + loser: + *returned = nssstub_LockingState; + return rv; } /* @@ -369,7 +430,7 @@ PR_NewLock(void) { NSSCKFWMutex *mlock = NULL; CK_RV error; - mlock = nssCKFWMutex_Create(nssstub_initArgs,nssstub_arena,&error); + mlock = nssCKFWMutex_Create(nssstub_pInitArgs,nssstub_LockingState,nssstub_arena,&error); lock = (PRLock *)mlock; /* if we don't have a lock, nssCKFWMutex can deal with things */ diff --git a/security/nss/lib/ckfw/nssckfwt.h b/security/nss/lib/ckfw/nssckfwt.h index 13be0f325..f8855be0e 100644 --- a/security/nss/lib/ckfw/nssckfwt.h +++ b/security/nss/lib/ckfw/nssckfwt.h @@ -108,4 +108,9 @@ typedef struct NSSCKFWFindObjectsStr NSSCKFWFindObjects; struct NSSCKFWMutexStr; typedef struct NSSCKFWMutexStr NSSCKFWMutex; +typedef enum { + SingleThreaded, + MultiThreaded +} CryptokiLockingState ; + #endif /* NSSCKFWT_H */ diff --git a/security/nss/lib/ckfw/wrap.c b/security/nss/lib/ckfw/wrap.c index 08ad62baf..caba8c45d 100644 --- a/security/nss/lib/ckfw/wrap.c +++ b/security/nss/lib/ckfw/wrap.c @@ -135,6 +135,7 @@ NSSCKFWC_Initialize ) { CK_RV error = CKR_OK; + CryptokiLockingState locking_state; if( (NSSCKFWInstance **)NULL == pFwInstance ) { error = CKR_GENERAL_ERROR; @@ -154,9 +155,12 @@ NSSCKFWC_Initialize /* remember the locking args for those times we need to get a lock in code * outside the framework. */ - nssSetLockArgs(pInitArgs); + error = nssSetLockArgs(pInitArgs, &locking_state); + if (CKR_OK != error) { + goto loser; + } - *pFwInstance = nssCKFWInstance_Create(pInitArgs, mdInstance, &error); + *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error); if( (NSSCKFWInstance *)NULL == *pFwInstance ) { goto loser; } diff --git a/security/nss/lib/dev/devutil.c b/security/nss/lib/dev/devutil.c index 48847a74b..f3ca9b3ed 100644 --- a/security/nss/lib/dev/devutil.c +++ b/security/nss/lib/dev/devutil.c @@ -582,6 +582,7 @@ clear_cache ( nssCryptokiObjectAndAttributes **oa; PRUint32 objectType; for (objectType = cachedCerts; objectType <= cachedCRLs; objectType++) { + cache->searchedObjectType[objectType] = PR_FALSE; if (!cache->objects[objectType]) { continue; } @@ -593,7 +594,6 @@ clear_cache ( } nss_ZFreeIf(cache->objects[objectType]); cache->objects[objectType] = NULL; - cache->searchedObjectType[objectType] = PR_FALSE; } } diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile index eb6e33d78..365cf882e 100644 --- a/security/nss/lib/freebl/Makefile +++ b/security/nss/lib/freebl/Makefile @@ -179,26 +179,28 @@ endif # Note: -xarch=v8 or v9 is now done in coreconf ifeq ($(OS_TARGET),SunOS) + +# The -R '$ORIGIN' linker option instructs this library to search for its +# dependencies in the same directory where it resides. +MKSHLIB += -R '$$ORIGIN' + ifeq ($(CPU_ARCH),sparc) ifndef NS_USE_GCC ifdef USE_HYBRID OS_CFLAGS += -xchip=ultra2 -endif -endif -ifeq (5.5.1,$(firstword $(sort 5.5.1 $(OS_RELEASE)))) - SYSV_SPARC = 1 -endif -ifeq ($(SYSV_SPARC),1) +endif # USE_HYBRID +endif # NS_USE_GCC +SYSV_SPARC=1 SOLARIS_AS = /usr/ccs/bin/as ifdef NS_USE_GCC ifdef GCC_USE_GNU_LD MKSHLIB += -Wl,-Bsymbolic,-z,defs,-z,now,-z,text,--version-script,mapfile.Solaris else MKSHLIB += -Wl,-B,symbolic,-z,defs,-z,now,-z,text,-M,mapfile.Solaris -endif +endif # GCC_USE_GNU_LD else MKSHLIB += -B symbolic -z defs -z now -z text -M mapfile.Solaris -endif +endif # NS_USE_GCC ifdef USE_PURE_32 # this builds for Sparc v8 pure 32-bit architecture DEFINES += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD @@ -222,14 +224,13 @@ else DEFINES += -DMP_USE_UINT_DIGIT SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC # ASM_SUFFIX = .S -endif -endif +endif # USE_64 +endif # USE_PURE_32 ifdef NSS_ENABLE_ECC DEFINES += -DECL_USE_FP ECL_SRCS += ecp_fp160.c ecp_fp192.c ecp_fp224.c ecp_fp.c ECL_HDRS += ecp_fp.h -endif -endif +endif # NSS_ENABLE_ECC else # Solaris x86 DEFINES += -D_X86_ diff --git a/security/nss/lib/freebl/blapit.h b/security/nss/lib/freebl/blapit.h index 6ef924902..c16ec9db3 100644 --- a/security/nss/lib/freebl/blapit.h +++ b/security/nss/lib/freebl/blapit.h @@ -113,7 +113,7 @@ */ #define RSA_MIN_MODULUS_BITS 128 #define DH_MIN_P_BITS 128 -#define DH_MAX_P_BITS 1024 +#define DH_MAX_P_BITS 2236 /* * The FIPS 186 algorithm for generating primes P and Q allows only 9 diff --git a/security/nss/lib/nss/config.mk b/security/nss/lib/nss/config.mk index 4ca5480f3..0300f82bc 100644 --- a/security/nss/lib/nss/config.mk +++ b/security/nss/lib/nss/config.mk @@ -103,10 +103,19 @@ SHARED_LIBRARY_DIRS = \ ifeq ($(OS_TARGET),SunOS) -# The -R '$ORIGIN' linker option instructs libnss3.so to search for its -# dependencies (libsoftokn3.so) in the same directory where it resides. +ifeq ($(BUILD_SUN_PKG), 1) +# The -R '$ORIGIN' linker option instructs this library to search for its +# dependencies in the same directory where it resides. +ifeq ($(USE_64), 1) +MKSHLIB += -R '$$ORIGIN:/usr/lib/mps/secv1/sparcv9:/usr/lib/mps/sparcv9' +else +MKSHLIB += -R '$$ORIGIN:/usr/lib/mps/secv1:/usr/lib/mps' +endif +else MKSHLIB += -R '$$ORIGIN' endif +endif + ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET))) ifndef NS_USE_GCC diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def index 40e959697..63a03d961 100644 --- a/security/nss/lib/nss/nss.def +++ b/security/nss/lib/nss/nss.def @@ -783,3 +783,28 @@ SEC_DupCrl; ;+ local: ;+ *; ;+}; +;+NSS_3.9.2 { # NSS 3.9.2 release +;+ global: +NSS_IsInitialized; +PK11_DestroyGenericObject; +PK11_DestroyGenericObjects; +PK11_FindGenericObjects; +PK11_GetNextGenericObject; +PK11_GetPrevGenericObject; +PK11_LinkGenericObject; +PK11_ReadRawAttribute; +PK11_UnlinkGenericObject; +;+ local: +;+ *; +;+}; +;+NSS_3.9.3 { # NSS 3.9.3 release +;+ global: +PK11_PrivDecryptPKCS1; +PK11_PubEncryptPKCS1; +SECMOD_CancelWait; +SECMOD_HasRemovableSlots; +SECMOD_UpdateSlotList; +SECMOD_WaitForAnyTokenEvent; +;+ local: +;+ *; +;+}; diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index f71e3adc0..783686bda 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -49,11 +49,11 @@ SEC_BEGIN_PROTOS * The format of the version string should be * "<major version>.<minor version>[.<patch level>] [<Beta>]" */ -#define NSS_VERSION "3.9.1" +#define NSS_VERSION "3.9.3 Beta 3" #define NSS_VMAJOR 3 #define NSS_VMINOR 9 -#define NSS_VPATCH 1 -#define NSS_BETA PR_FALSE +#define NSS_VPATCH 3 +#define NSS_BETA PR_TRUE /* @@ -85,6 +85,11 @@ extern SECStatus NSS_Init(const char *configdir); extern SECStatus NSS_InitReadWrite(const char *configdir); /* + * Returns whether NSS has already been initialized or not. + */ +extern PRBool NSS_IsInitialized(void); + +/* * Open the Cert, Key, and Security Module databases, read/write. * Initialize the Random Number Generator. * Does not initialize the cipher policies or enables. diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c index dce2bed09..9468d456b 100644 --- a/security/nss/lib/nss/nssinit.c +++ b/security/nss/lib/nss/nssinit.c @@ -568,6 +568,11 @@ NSS_Shutdown(void) extern const char __nss_base_rcsid[]; +PRBool +NSS_IsInitialized(void) +{ + return nss_IsInitted; +} extern const char __nss_base_sccsid[]; PRBool diff --git a/security/nss/lib/pk11wrap/debug_module.c b/security/nss/lib/pk11wrap/debug_module.c index 34cd54384..62542756d 100644 --- a/security/nss/lib/pk11wrap/debug_module.c +++ b/security/nss/lib/pk11wrap/debug_module.c @@ -149,11 +149,11 @@ static void get_attr_type_str(CK_ATTRIBUTE_TYPE atype, char *str, int len) } } -static void get_obj_class(CK_OBJECT_CLASS class, char *str, int len) +static void get_obj_class(CK_OBJECT_CLASS objClass, char *str, int len) { #define SETO(objc) \ PR_snprintf(str, len, "%s", objc); break; - switch (class) { + switch (objClass) { #ifndef AIX_64BIT case CKO_DATA: SETO("CKO_DATA"); case CKO_CERTIFICATE: SETO("CKO_CERTIFICATE"); @@ -167,7 +167,7 @@ static void get_obj_class(CK_OBJECT_CLASS class, char *str, int len) case CKO_NETSCAPE_TRUST: SETO("CKO_NETSCAPE_TRUST"); case CKO_NETSCAPE_BUILTIN_ROOT_LIST: SETO("CKO_NETSCAPE_BUILTIN_ROOT_LIST"); #endif - default: PR_snprintf(str, len, "0x%p", class); break; + default: PR_snprintf(str, len, "0x%p", objClass); break; } } @@ -223,8 +223,8 @@ static void print_attr_value(CK_ATTRIBUTE_PTR attr) } case CKA_CLASS: if (attr->ulValueLen > 0 && attr->pValue) { - CK_OBJECT_CLASS class = *((CK_OBJECT_CLASS *)attr->pValue); - get_obj_class(class, valstr, sizeof valstr); + CK_OBJECT_CLASS objClass = *((CK_OBJECT_CLASS *)attr->pValue); + get_obj_class(objClass, valstr, sizeof valstr); PR_LOG(modlog, 4, (" %s = %s [%d]", atype, valstr, attr->ulValueLen)); break; diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c index 470792e72..2780f1c8e 100644 --- a/security/nss/lib/pk11wrap/pk11cert.c +++ b/security/nss/lib/pk11wrap/pk11cert.c @@ -94,6 +94,7 @@ static PRStatus convert_cert(NSSCertificate *c, void *arg) CERTCertificate *nss3cert; SECStatus secrv; struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg; + /* 'c' is not adopted. caller will free it */ nss3cert = STAN_GetCERTCertificate(c); if (!nss3cert) return PR_FAILURE; secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg); @@ -327,7 +328,7 @@ PK11_IsUserCert(PK11SlotInfo *slot, CERTCertificate *cert, if (cert == NULL) return PR_FALSE; theClass = CKO_PRIVATE_KEY; - if (!PK11_IsLoggedIn(slot,NULL) && PK11_NeedLogin(slot)) { + if (pk11_LoginStillRequired(slot,NULL)) { theClass = CKO_PUBLIC_KEY; } if (PK11_MatchItem(slot, certID , theClass) != CK_INVALID_HANDLE) { @@ -467,7 +468,7 @@ static CERTCertificate id.ulValueLen = c->id.size; *nickptr = pk11_buildNickname(slot, &label, privateLabel, &id); } - return STAN_GetCERTCertificate(c); + return STAN_GetCERTCertificateOrRelease(c); } CK_TRUST @@ -991,6 +992,21 @@ typedef struct pk11CertCallbackStr { void *callbackArg; } pk11CertCallback; + +/* + * Authenticate to "unfriendly" tokens (tokens which need to be logged + * in to find the certs. + */ +static SECStatus +pk11_AuthenticateUnfriendly(PK11SlotInfo *slot, PRBool loadCerts, void *wincx) +{ + SECStatus rv = SECSuccess; + if (!PK11_IsFriendly(slot)) { + rv = PK11_Authenticate(slot, loadCerts, wincx); + } + return rv; +} + /* * Extract all the certs on a card from a slot. */ @@ -1007,9 +1023,9 @@ pk11_TraverseAllSlots( SECStatus (*callback)(PK11SlotInfo *,void *), /* look at each slot and authenticate as necessary */ for (le = list->head ; le; le = le->next) { - if (!PK11_IsFriendly(le->slot)) { - rv = PK11_Authenticate(le->slot, PR_FALSE, wincx); - if (rv != SECSuccess) continue; + rv = pk11_AuthenticateUnfriendly(le->slot, PR_FALSE, wincx); + if (rv != SECSuccess) { + continue; } if (callback) { (*callback)(le->slot,arg); @@ -1186,13 +1202,11 @@ PK11_FindObjectsFromNickname(char *nickname,PK11SlotInfo **slotptr, return CK_INVALID_HANDLE; } - if (!PK11_IsFriendly(slot)) { - rv = PK11_Authenticate(slot, PR_TRUE, wincx); - if (rv != SECSuccess) { - PK11_FreeSlot(slot); - *slotptr = NULL; - return CK_INVALID_HANDLE; - } + rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); + if (rv != SECSuccess) { + PK11_FreeSlot(slot); + *slotptr = NULL; + return CK_INVALID_HANDLE; } findTemplate[0].pValue = nickname; @@ -1244,8 +1258,7 @@ transfer_token_certs_to_collection(nssList *certList, NSSToken *token, } nssTokenArray_Destroy(tokens); } - /* *must* be a valid CERTCertificate, came from cache */ - CERT_DestroyCertificate(STAN_GetCERTCertificate(certs[i])); + CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(certs[i])); } nss_ZFreeIf(certs); } @@ -1272,11 +1285,13 @@ PK11_FindCertFromNickname(char *nickname, void *wincx) NSSCertificate **certs = NULL; NSSUsage usage; NSSToken *token; + NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain(); PK11SlotInfo *slot = NULL; + SECStatus rv; char *nickCopy; char *delimit = NULL; char *tokenName; - NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain(); + usage.anyUsage = PR_TRUE; nickCopy = PORT_Strdup(nickname); if ((delimit = PORT_Strchr(nickCopy,':')) != NULL) { @@ -1301,10 +1316,9 @@ PK11_FindCertFromNickname(char *nickname, void *wincx) if (!PK11_IsPresent(slot)) { goto loser; } - if (!PK11_IsFriendly(slot)) { - if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) { - goto loser; - } + rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); + if (rv != SECSuccess) { + goto loser; } collection = nssCertificateCollection_Create(defaultTD, NULL); if (!collection) { @@ -1355,7 +1369,7 @@ PK11_FindCertFromNickname(char *nickname, void *wincx) cert = nssCertificateArray_FindBestCertificate(certs, NULL, &usage, NULL); if (cert) { - rvCert = STAN_GetCERTCertificate(cert); + rvCert = STAN_GetCERTCertificateOrRelease(cert); } nssCertificateArray_Destroy(certs); } @@ -1413,6 +1427,8 @@ PK11_FindCertsFromNickname(char *nickname, void *wincx) { NSSCertificate *c; NSSToken *token; PK11SlotInfo *slot; + SECStatus rv; + nickCopy = PORT_Strdup(nickname); if ((delimit = PORT_Strchr(nickCopy,':')) != NULL) { tokenName = nickCopy; @@ -1435,12 +1451,11 @@ PK11_FindCertsFromNickname(char *nickname, void *wincx) { nssList *nameList; nssCryptokiObject **instances; nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly; - if (!PK11_IsFriendly(slot)) { - if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) { - PK11_FreeSlot(slot); - if (nickCopy) PORT_Free(nickCopy); - return NULL; - } + rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); + if (rv != SECSuccess) { + PK11_FreeSlot(slot); + if (nickCopy) PORT_Free(nickCopy); + return NULL; } collection = nssCertificateCollection_Create(defaultTD, NULL); if (!collection) { @@ -1479,8 +1494,10 @@ PK11_FindCertsFromNickname(char *nickname, void *wincx) { PRTime now = PR_Now(); certList = CERT_NewCertList(); for (i=0, c = *foundCerts; c; c = foundCerts[++i]) { - CERTCertificate *certCert = STAN_GetCERTCertificate(c); + CERTCertificate *certCert = STAN_GetCERTCertificateOrRelease(c); + /* c may be invalid after this, don't reference it */ if (certCert) { + /* CERT_AddCertToListSorted adopts certCert */ CERT_AddCertToListSorted(certList, certCert, CERT_SortCBValidity, &now); } @@ -1489,6 +1506,7 @@ PK11_FindCertsFromNickname(char *nickname, void *wincx) { CERT_DestroyCertList(certList); certList = NULL; } + /* all the certs have been adopted or freed, free the raw array */ nss_ZFreeIf(foundCerts); } return certList; @@ -1909,7 +1927,7 @@ PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot, CERTCertificate *cert, /* * issue the find */ - rv = PK11_Authenticate(slot, PR_TRUE, wincx); + rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); if (rv != SECSuccess) { return NULL; } @@ -1919,7 +1937,19 @@ PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot, CERTCertificate *cert, return NULL; } keyh = PK11_MatchItem(slot,certh,CKO_PRIVATE_KEY); - if (keyh == CK_INVALID_HANDLE) { return NULL; } + if ((keyh == CK_INVALID_HANDLE) && + (PORT_GetError() == SSL_ERROR_NO_CERTIFICATE) && + pk11_LoginStillRequired(slot, wincx)) { + /* try it again authenticated */ + rv = PK11_Authenticate(slot, PR_TRUE, wincx); + if (rv != SECSuccess) { + return NULL; + } + keyh = PK11_MatchItem(slot,certh,CKO_PRIVATE_KEY); + } + if (keyh == CK_INVALID_HANDLE) { + return NULL; + } return PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyh, wincx); } @@ -1969,10 +1999,15 @@ PK11_KeyForCertExists(CERTCertificate *cert, CK_OBJECT_HANDLE *keyPtr, /* Look for the slot that holds the Key */ for (le = list->head ; le; le = le->next) { - rv = PK11_Authenticate(le->slot, PR_TRUE, wincx); - if (rv != SECSuccess) continue; - key = pk11_FindPrivateKeyFromCertID(le->slot,keyID); + if ((key == CK_INVALID_HANDLE) && + (PORT_GetError() == SSL_ERROR_NO_CERTIFICATE) && + pk11_LoginStillRequired(le->slot,wincx)) { + /* authenticate and try again */ + rv = PK11_Authenticate(le->slot, PR_TRUE, wincx); + if (rv != SECSuccess) continue; + key = pk11_FindPrivateKeyFromCertID(le->slot,keyID); + } if (key != CK_INVALID_HANDLE) { slot = PK11_ReferenceSlot(le->slot); if (keyPtr) *keyPtr = key; @@ -2060,10 +2095,8 @@ pk11_FindCertObjectByTemplate(PK11SlotInfo **slotPtr, /* Look for the slot that holds the Key */ for (le = list->head ; le; le = le->next) { - if (!PK11_IsFriendly(le->slot)) { - rv = PK11_Authenticate(le->slot, PR_TRUE, wincx); - if (rv != SECSuccess) continue; - } + rv = pk11_AuthenticateUnfriendly(le->slot, PR_TRUE, wincx); + if (rv != SECSuccess) continue; certHandle = pk11_FindObjectByTemplate(le->slot,searchTemplate,count); if (certHandle != CK_INVALID_HANDLE) { @@ -2141,6 +2174,7 @@ PK11_FindCertByIssuerAndSNOnToken(PK11SlotInfo *slot, } object = NULL; /* adopted by the previous call */ nssTrustDomain_AddCertsToCache(td, &cert,1); + /* on failure, cert is freed below */ rvCert = STAN_GetCERTCertificate(cert); if (!rvCert) { goto loser; @@ -2224,10 +2258,8 @@ pk11_AllFindCertObjectByRecipientNew(NSSCMSRecipient **recipientlist, void *winc /* Look for the slot that holds the Key */ for (le = list->head ; le; le = le->next) { - if ( !PK11_IsFriendly(le->slot)) { - rv = PK11_Authenticate(le->slot, PR_TRUE, wincx); - if (rv != SECSuccess) continue; - } + rv = pk11_AuthenticateUnfriendly(le->slot, PR_TRUE, wincx); + if (rv != SECSuccess) continue; cert = pk11_FindCertObjectByRecipientNew(le->slot, recipientlist, rlIndex, wincx); @@ -2299,10 +2331,8 @@ pk11_AllFindCertObjectByRecipient(PK11SlotInfo **slotPtr, /* Look for the slot that holds the Key */ for (le = list->head ; le; le = le->next) { - if ( !PK11_IsFriendly(le->slot)) { - rv = PK11_Authenticate(le->slot, PR_TRUE, wincx); - if (rv != SECSuccess) continue; - } + rv = pk11_AuthenticateUnfriendly(le->slot, PR_TRUE, wincx); + if (rv != SECSuccess) continue; cert = pk11_FindCertObjectByRecipient(le->slot, recipientArray, rip, wincx); @@ -2335,7 +2365,6 @@ PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slotPtr, SECKEYPrivateKey**privKey, void *wincx) { CERTCertificate *cert = NULL; - SECStatus rv; *privKey = NULL; *slotPtr = NULL; @@ -2344,11 +2373,6 @@ PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slotPtr, return NULL; } - rv = PK11_Authenticate(*slotPtr,PR_TRUE,wincx); - if (rv != SECSuccess) { - goto loser; - } - *privKey = PK11_FindKeyByAnyCert(cert, wincx); if (*privKey == NULL) { goto loser; @@ -2416,11 +2440,6 @@ PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist, void *win /* at this point, rl->slot is set */ - /* authenticate to the token */ - if (PK11_Authenticate(rl->slot, PR_TRUE, wincx) != SECSuccess) { - goto loser; - } - rl->privkey = PK11_FindKeyByAnyCert(cert, wincx); if (rl->privkey == NULL) { goto loser; @@ -2499,22 +2518,34 @@ PK11_FindCertByIssuerAndSN(PK11SlotInfo **slotPtr, CERTIssuerAndSN *issuerSN, &serial); if (cert) { SECITEM_FreeItem(derSerial, PR_TRUE); - return STAN_GetCERTCertificate(cert); + return STAN_GetCERTCertificateOrRelease(cert); } -retry: - cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber( + + do { + /* free the old cert on retry. Associated slot was not present */ + if (rvCert) { + CERT_DestroyCertificate(rvCert); + rvCert = NULL; + } + + cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber( STAN_GetDefaultTrustDomain(), &issuer, &serial); - if (cert) { - rvCert = STAN_GetCERTCertificate(cert); - /* Check to see if the cert's token is still there */ - if (!PK11_IsPresent(rvCert->slot)) { - CERT_DestroyCertificate(rvCert); - goto retry; + if (!cert) { + break; } - if (slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot); - } + + rvCert = STAN_GetCERTCertificateOrRelease(cert); + if (rvCert == NULL) { + break; + } + + /* Check to see if the cert's token is still there */ + } while (!PK11_IsPresent(rvCert->slot)); + + if (rvCert && slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot); + SECITEM_FreeItem(derSerial, PR_TRUE); return rvCert; #endif @@ -2556,25 +2587,29 @@ PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx) CK_OBJECT_HANDLE certHandle; CK_OBJECT_HANDLE keyHandle; PK11SlotInfo *slot = NULL; - SECKEYPrivateKey *privKey; + SECKEYPrivateKey *privKey = NULL; SECStatus rv; certHandle = PK11_FindObjectForCert(cert, wincx, &slot); if (certHandle == CK_INVALID_HANDLE) { return NULL; } - rv = PK11_Authenticate(slot, PR_TRUE, wincx); - if (rv != SECSuccess) { - PK11_FreeSlot(slot); - return NULL; - } keyHandle = PK11_MatchItem(slot,certHandle,CKO_PRIVATE_KEY); - if (keyHandle == CK_INVALID_HANDLE) { + if ((keyHandle == CK_INVALID_HANDLE) && + (PORT_GetError() == SSL_ERROR_NO_CERTIFICATE) && + pk11_LoginStillRequired(slot,wincx)) { + /* authenticate and try again */ + rv = PK11_Authenticate(slot, PR_TRUE, wincx); + if (rv == SECSuccess) { + keyHandle = PK11_MatchItem(slot,certHandle,CKO_PRIVATE_KEY); + } + } + if (keyHandle != CK_INVALID_HANDLE) { + privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx); + } + if (slot) { PK11_FreeSlot(slot); - return NULL; } - privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx); - PK11_FreeSlot(slot); return privKey; } @@ -2659,7 +2694,7 @@ PK11_TraverseCertsForSubject(CERTCertificate *cert, PR_FALSE,PR_TRUE,NULL); PK11SlotListElement *le; - /* loop through all the fortezza tokens */ + /* loop through all the tokens */ for (le = list->head; le; le = le->next) { PK11_TraverseCertsForSubjectInSlot(cert,le->slot,callback,arg); } @@ -2744,6 +2779,9 @@ PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert, PK11SlotInfo *slot, NSSCertificate **cp; for (cp = certs; *cp; cp++) { oldie = STAN_GetCERTCertificate(*cp); + if (!oldie) { + continue; + } if ((*callback)(oldie, arg) != SECSuccess) { nssrv = PR_FAILURE; break; @@ -2841,6 +2879,9 @@ PK11_TraverseCertsForNicknameInSlot(SECItem *nickname, PK11SlotInfo *slot, NSSCertificate **cp; for (cp = certs; *cp; cp++) { oldie = STAN_GetCERTCertificate(*cp); + if (!oldie) { + continue; + } if ((*callback)(oldie, arg) != SECSuccess) { nssrv = PR_FAILURE; break; @@ -2930,6 +2971,9 @@ PK11_TraverseCertsInSlot(PK11SlotInfo *slot, NSSCertificate **cp; for (cp = certs; *cp; cp++) { oldie = STAN_GetCERTCertificate(*cp); + if (!oldie) { + continue; + } if ((*callback)(oldie, arg) != SECSuccess) { nssrv = PR_FAILURE; break; @@ -2961,13 +3005,15 @@ PK11_FindCertFromDERCertItem(PK11SlotInfo *slot, SECItem *inDerCert, NSSDER derCert; NSSToken *tok; NSSTrustDomain *td = STAN_GetDefaultTrustDomain(); + SECStatus rv; + tok = PK11Slot_GetNSSToken(slot); + NSSITEM_FROM_SECITEM(&derCert, inDerCert); - if (!PK11_IsFriendly(slot)) { - if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) { - PK11_FreeSlot(slot); - return NULL; - } + rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); + if (rv != SECSuccess) { + PK11_FreeSlot(slot); + return NULL; } c = NSSTrustDomain_FindCertificateByEncodedCertificate(td, &derCert); if (c) { @@ -2988,10 +3034,7 @@ PK11_FindCertFromDERCertItem(PK11SlotInfo *slot, SECItem *inDerCert, nssTokenArray_Destroy(tokens); } } - if (c) { - rvCert = STAN_GetCERTCertificate(c); - } - return rvCert; + return c ? STAN_GetCERTCertificateOrRelease(c) : NULL; } /* mcgreer 3.4 -- nobody uses this, ignoring */ @@ -3023,10 +3066,8 @@ PK11_FindCertFromDERSubjectAndNickname(PK11SlotInfo *slot, /* * issue the find */ - if ( !PK11_IsFriendly(slot)) { - rv = PK11_Authenticate(slot, PR_TRUE, wincx); - if (rv != SECSuccess) return NULL; - } + rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); + if (rv != SECSuccess) return NULL; certh = pk11_getcerthandle(slot,cert,theTemplate,tsize); if (certh == CK_INVALID_HANDLE) { @@ -3057,12 +3098,15 @@ pk11_findKeyObjectByDERCert(PK11SlotInfo *slot, CERTCertificate *cert, return CK_INVALID_HANDLE; } - key = CK_INVALID_HANDLE; - - rv = PK11_Authenticate(slot, PR_TRUE, wincx); - if (rv != SECSuccess) goto loser; - key = pk11_FindPrivateKeyFromCertID(slot, keyID); + if ((key == CK_INVALID_HANDLE) && + (PORT_GetError() == SSL_ERROR_NO_CERTIFICATE) && + pk11_LoginStillRequired(slot,wincx)) { + /* authenticate and try again */ + rv = PK11_Authenticate(slot, PR_TRUE, wincx); + if (rv != SECSuccess) goto loser; + key = pk11_FindPrivateKeyFromCertID(slot, keyID); + } loser: SECITEM_ZfreeItem(keyID, PR_TRUE); @@ -3252,7 +3296,7 @@ PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert, void *wincx) /* * issue the find */ - rv = PK11_Authenticate(slot, PR_TRUE, wincx); + rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); if (rv != SECSuccess) { return CK_INVALID_HANDLE; } @@ -3277,7 +3321,6 @@ PK11_GetKeyIDFromCert(CERTCertificate *cert, void *wincx) goto loser; } - crv = PK11_GetAttributes(NULL,slot,handle,theTemplate,tsize); if (crv != CKR_OK) { PORT_SetError( PK11_MapError(crv) ); @@ -3290,7 +3333,6 @@ PK11_GetKeyIDFromCert(CERTCertificate *cert, void *wincx) item->len = theTemplate[0].ulValueLen; } - loser: PK11_FreeSlot(slot); return item; @@ -3319,7 +3361,6 @@ PK11_GetKeyIDFromPrivateKey(SECKEYPrivateKey *key, void *wincx) item->len = theTemplate[0].ulValueLen; } - loser: return item; } @@ -3366,6 +3407,7 @@ pk11ListCertCallback(NSSCertificate *c, void *arg) return PR_SUCCESS; } + /* caller still owns the reference to 'c' */ newCert = STAN_GetCERTCertificate(c); if (!newCert) { return PR_SUCCESS; @@ -3496,8 +3538,8 @@ PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot, if (slot) { PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data, cert->derCert.len); attrs++; - - rv = PK11_Authenticate(slot, PR_TRUE, wincx); + + rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx); if (rv != SECSuccess) { return NULL; } diff --git a/security/nss/lib/pk11wrap/pk11err.c b/security/nss/lib/pk11wrap/pk11err.c index b6846af84..f4b07f508 100644 --- a/security/nss/lib/pk11wrap/pk11err.c +++ b/security/nss/lib/pk11wrap/pk11err.c @@ -87,6 +87,7 @@ PK11_MapError(CK_RV rv) { MAPERROR(CKR_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY) MAPERROR(CKR_MECHANISM_INVALID, SEC_ERROR_BAD_DATA) MAPERROR(CKR_MECHANISM_PARAM_INVALID, SEC_ERROR_BAD_DATA) + MAPERROR(CKR_NO_EVENT, SEC_ERROR_NO_EVENT) MAPERROR(CKR_OBJECT_HANDLE_INVALID, SEC_ERROR_BAD_DATA) MAPERROR(CKR_OPERATION_ACTIVE, SEC_ERROR_LIBRARY_FAILURE) MAPERROR(CKR_OPERATION_NOT_INITIALIZED,SEC_ERROR_LIBRARY_FAILURE ) @@ -121,6 +122,7 @@ PK11_MapError(CK_RV rv) { #ifdef PK11_ERROR_USE_ARRAY +}; int PK11_MapError(CK_RV rv) { diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h index ddd968d22..7d92e32f8 100644 --- a/security/nss/lib/pk11wrap/pk11func.h +++ b/security/nss/lib/pk11wrap/pk11func.h @@ -415,11 +415,21 @@ SECKEYPrivateKey * PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID, CK_OBJECT_HANDLE PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot); int PK11_GetPrivateModulusLen(SECKEYPrivateKey *key); + +/* note: despite the name, this function takes a private key. */ SECStatus PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, unsigned *outLen, unsigned int maxLen, unsigned char *enc, unsigned encLen); -/* The encrypt version of the above function */ +#define PK11_PrivDecryptRaw PK11_PubDecryptRaw +/* The encrypt function that complements the above decrypt function. */ SECStatus PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc, unsigned char *data, unsigned dataLen, void *wincx); + +SECStatus PK11_PrivDecryptPKCS1(SECKEYPrivateKey *key, unsigned char *data, + unsigned *outLen, unsigned int maxLen, unsigned char *enc, unsigned encLen); +/* The encrypt function that complements the above decrypt function. */ +SECStatus PK11_PubEncryptPKCS1(SECKEYPublicKey *key, unsigned char *enc, + unsigned char *data, unsigned dataLen, void *wincx); + SECStatus PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot, SECKEYPrivateKeyInfo *pki, SECItem *nickname, SECItem *publicValue, PRBool isPerm, PRBool isPrivate, @@ -652,6 +662,21 @@ PK11DefaultArrayEntry * PK11_GetDefaultArray(int *); SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo *, PK11DefaultArrayEntry *, PRBool ); +/********************************************************************** + * Functions to look at PKCS #11 dependent data + **********************************************************************/ +PK11GenericObject *PK11_FindGenericObjects(PK11SlotInfo *slot, + CK_OBJECT_CLASS objClass); +PK11GenericObject *PK11_GetNextGenericObject(PK11GenericObject *object); +PK11GenericObject *PK11_GetPrevtGenericObject(PK11GenericObject *object); +SECStatus PK11_UnlinkGenericObject(PK11GenericObject *object); +SECStatus PK11_LinkGenericObject(PK11GenericObject *list, + PK11GenericObject *object); +SECStatus PK11_DestroyGenericObjects(PK11GenericObject *object); +SECStatus PK11_DestroyGenericObject(PK11GenericObject *object); +SECStatus PK11_ReadRawAttribute(PK11ObjectType type, void *object, + CK_ATTRIBUTE_TYPE attr, SECItem *item); + /********************************************************************** * New fucntions which are already depricated.... diff --git a/security/nss/lib/pk11wrap/pk11list.c b/security/nss/lib/pk11wrap/pk11list.c index 67bef9573..695990e5d 100644 --- a/security/nss/lib/pk11wrap/pk11list.c +++ b/security/nss/lib/pk11wrap/pk11list.c @@ -41,37 +41,26 @@ #include "secmod.h" #include "secmodi.h" #include "prlong.h" - -#define ISREADING 1 -#define ISWRITING 2 -#define WANTWRITE 4 -#define ISLOCKED 3 +#include "nssrwlk.h" /* * create a new lock for a Module List */ -SECMODListLock *SECMOD_NewListLock() { - SECMODListLock *modLock; - - modLock = (SECMODListLock*)PORT_Alloc(sizeof(SECMODListLock)); +SECMODListLock *SECMOD_NewListLock() +{ #ifdef PKCS11_USE_THREADS - modLock->mutex = NULL; - modLock->monitor = PZ_NewMonitor(nssILockList); + return (SECMODListLock *)NSSRWLock_New( 10, "moduleListLock"); #else - modLock->mutex = NULL; - modLock->monitor = NULL; + return (SECMODListLock *)1; #endif - modLock->state = 0; - modLock->count = 0; - return modLock; } /* * destroy the lock */ -void SECMOD_DestroyListLock(SECMODListLock *lock) { - PK11_USE_THREADS(PZ_DestroyMonitor(lock->monitor);) - PORT_Free(lock); +void SECMOD_DestroyListLock(SECMODListLock *lock) +{ + PK11_USE_THREADS(NSSRWLock_Destroy((NSSRWLock *)lock);) } @@ -79,52 +68,26 @@ void SECMOD_DestroyListLock(SECMODListLock *lock) { * Lock the List for Read: NOTE: this assumes the reading isn't so common * the writing will be starved. */ -void SECMOD_GetReadLock(SECMODListLock *modLock) { -#ifdef PKCS11_USE_THREADS - if (modLock == NULL) return; - PZ_EnterMonitor(modLock->monitor); - while (modLock->state & ISWRITING) { - PZ_Wait(modLock->monitor,PR_INTERVAL_NO_TIMEOUT); /* wait until woken up */ - } - modLock->state |= ISREADING; - modLock->count++; - PZ_ExitMonitor(modLock->monitor); -#endif +void SECMOD_GetReadLock(SECMODListLock *modLock) +{ + PK11_USE_THREADS(NSSRWLock_LockRead((NSSRWLock *)modLock);) } /* * Release the Read lock */ -void SECMOD_ReleaseReadLock(SECMODListLock *modLock) { -#ifdef PKCS11_USE_THREADS - if (modLock == NULL) return; - PZ_EnterMonitor(modLock->monitor); - modLock->count--; - if (modLock->count == 0) { - modLock->state &= ~ISREADING; - if (modLock->state & WANTWRITE) { - PZ_Notify(modLock->monitor); /* only one writer at a time */ - } - } - PZ_ExitMonitor(modLock->monitor); -#endif +void SECMOD_ReleaseReadLock(SECMODListLock *modLock) +{ + PK11_USE_THREADS(NSSRWLock_UnlockRead((NSSRWLock *)modLock);) } /* * lock the list for Write */ -void SECMOD_GetWriteLock(SECMODListLock *modLock) { -#ifdef PKCS11_USE_THREADS - if (modLock == NULL) return; - PZ_EnterMonitor(modLock->monitor); - while (modLock->state & ISLOCKED) { - modLock->state |= WANTWRITE; - PZ_Wait(modLock->monitor,PR_INTERVAL_NO_TIMEOUT); /* wait until woken up */ - } - modLock->state = ISWRITING; - PZ_ExitMonitor(modLock->monitor); -#endif +void SECMOD_GetWriteLock(SECMODListLock *modLock) +{ + PK11_USE_THREADS(NSSRWLock_LockWrite((NSSRWLock *)modLock);) } @@ -132,14 +95,9 @@ void SECMOD_GetWriteLock(SECMODListLock *modLock) { * Release the Write Lock: NOTE, this code is pretty inefficient if you have * lots of write collisions. */ -void SECMOD_ReleaseWriteLock(SECMODListLock *modLock) { -#ifdef PKCS11_USE_THREADS - if (modLock == NULL) return; - PZ_EnterMonitor(modLock->monitor); - modLock->state = 0; - PR_NotifyAll(modLock->monitor); /* enable all the readers */ - PZ_ExitMonitor(modLock->monitor); -#endif +void SECMOD_ReleaseWriteLock(SECMODListLock *modLock) +{ + PK11_USE_THREADS(NSSRWLock_UnlockWrite((NSSRWLock *)modLock);) } @@ -147,7 +105,8 @@ void SECMOD_ReleaseWriteLock(SECMODListLock *modLock) { * must Hold the Write lock */ void -SECMOD_RemoveList(SECMODModuleList **parent, SECMODModuleList *child) { +SECMOD_RemoveList(SECMODModuleList **parent, SECMODModuleList *child) +{ *parent = child->next; child->next = NULL; } @@ -157,7 +116,8 @@ SECMOD_RemoveList(SECMODModuleList **parent, SECMODModuleList *child) { */ void SECMOD_AddList(SECMODModuleList *parent, SECMODModuleList *child, - SECMODListLock *lock) { + SECMODListLock *lock) +{ if (lock) { SECMOD_GetWriteLock(lock); } child->next = parent->next; diff --git a/security/nss/lib/pk11wrap/pk11load.c b/security/nss/lib/pk11wrap/pk11load.c index 4da327680..b1a59563e 100644 --- a/security/nss/lib/pk11wrap/pk11load.c +++ b/security/nss/lib/pk11wrap/pk11load.c @@ -79,7 +79,7 @@ CK_RV PR_CALLBACK secmodUnlockMutext(CK_VOID_PTR mutext) { } static SECMODModuleID nextModuleID = 1; -static CK_C_INITIALIZE_ARGS secmodLockFunctions = { +static const CK_C_INITIALIZE_ARGS secmodLockFunctions = { secmodCreateMutext, secmodDestroyMutext, secmodLockMutext, secmodUnlockMutext, CKF_LIBRARY_CANT_CREATE_OS_THREADS| CKF_OS_LOCKING_OK @@ -87,6 +87,41 @@ static CK_C_INITIALIZE_ARGS secmodLockFunctions = { }; /* + * collect the steps we need to initialize a module in a single function + */ +SECStatus +secmod_ModuleInit(SECMODModule *mod) +{ + CK_C_INITIALIZE_ARGS moduleArgs; + CK_VOID_PTR pInitArgs; + CK_RV crv; + + if (mod->isThreadSafe == PR_FALSE) { + pInitArgs = NULL; + } else if (mod->libraryParams == NULL) { + pInitArgs = (void *) &secmodLockFunctions; + } else { + moduleArgs = secmodLockFunctions; + moduleArgs.LibraryParameters = (void *) mod->libraryParams; + pInitArgs = &moduleArgs; + } + crv = PK11_GETTAB(mod)->C_Initialize(pInitArgs); + if (crv != CKR_OK) { + if (pInitArgs == NULL) { + PORT_SetError(PK11_MapError(crv)); + return SECFailure; + } + mod->isThreadSafe = PR_FALSE; + crv = PK11_GETTAB(mod)->C_Initialize(NULL); + if (crv != CKR_OK) { + PORT_SetError(PK11_MapError(crv)); + return SECFailure; + } + } + return SECSuccess; +} + +/* * set the hasRootCerts flags in the module so it can be stored back * into the database. */ @@ -138,7 +173,7 @@ SECMOD_LoadPKCS11Module(SECMODModule *mod) { char * full_name; CK_INFO info; CK_ULONG slotCount = 0; - + SECStatus rv; if (mod->loaded) return SECSuccess; @@ -223,17 +258,12 @@ SECMOD_LoadPKCS11Module(SECMODModule *mod) { #endif mod->isThreadSafe = PR_TRUE; + /* Now we initialize the module */ - if (mod->libraryParams) { - secmodLockFunctions.LibraryParameters = (void *) mod->libraryParams; - } else { - secmodLockFunctions.LibraryParameters = NULL; + rv = secmod_ModuleInit(mod); + if (rv != SECSuccess) { + goto fail; } - if (PK11_GETTAB(mod)->C_Initialize(&secmodLockFunctions) != CKR_OK) { - mod->isThreadSafe = PR_FALSE; - if (PK11_GETTAB(mod)->C_Initialize(NULL) != CKR_OK) goto fail; - } - /* check the version number */ if (PK11_GETTAB(mod)->C_GetInfo(&info) != CKR_OK) goto fail2; if (info.cryptokiVersion.major != 2) goto fail2; @@ -253,7 +283,7 @@ SECMOD_LoadPKCS11Module(SECMODModule *mod) { if (PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, NULL, &slotCount) == CKR_OK) { CK_SLOT_ID *slotIDs; int i; - CK_RV rv; + CK_RV crv; mod->slots = (PK11SlotInfo **)PORT_ArenaAlloc(mod->arena, sizeof(PK11SlotInfo *) * slotCount); @@ -263,8 +293,8 @@ SECMOD_LoadPKCS11Module(SECMODModule *mod) { if (slotIDs == NULL) { goto fail2; } - rv = PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, slotIDs, &slotCount); - if (rv != CKR_OK) { + crv = PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, slotIDs, &slotCount); + if (crv != CKR_OK) { PORT_Free(slotIDs); goto fail2; } diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c index bdbe87f33..cd28bbf6e 100644 --- a/security/nss/lib/pk11wrap/pk11pars.c +++ b/security/nss/lib/pk11wrap/pk11pars.c @@ -93,6 +93,7 @@ secmod_NewModule(void) newMod->moduleDBOnly = PR_FALSE; newMod->trustOrder = 0; newMod->cipherOrder = 0; + newMod->evControlMask = 0; #ifdef PKCS11_USE_THREADS newMod->refLock = (void *)PZ_NewLock(nssILockRefLock); if (newMod->refLock == NULL) { @@ -159,9 +160,12 @@ pk11_mkModuleSpec(SECMODModule * module) { char *nss = NULL, *modSpec = NULL, **slotStrings = NULL; int slotCount, i, si; + SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock(); /* allocate target slot info strings */ slotCount = 0; + + SECMOD_GetReadLock(moduleLock); if (module->slotCount) { for (i=0; i < module->slotCount; i++) { if (module->slots[i]->defaultFlags !=0) { @@ -174,6 +178,7 @@ pk11_mkModuleSpec(SECMODModule * module) slotStrings = (char **)PORT_ZAlloc(slotCount*sizeof(char *)); if (slotStrings == NULL) { + SECMOD_ReleaseReadLock(moduleLock); goto loser; } @@ -204,6 +209,7 @@ pk11_mkModuleSpec(SECMODModule * module) } } + SECMOD_ReleaseReadLock(moduleLock); nss = pk11_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS, module->isModuleDB, module->moduleDBOnly, module->isCritical, module->trustOrder,module->cipherOrder,module->ssl[0],module->ssl[1]); @@ -382,8 +388,12 @@ SECMOD_LoadUserModule(char *modulespec,SECMODModule *parent, PRBool recurse) { SECStatus rv = SECSuccess; SECMODModule * newmod = SECMOD_LoadModule(modulespec, parent, recurse); + SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock(); + if (newmod) { + SECMOD_GetReadLock(moduleLock); rv = STAN_AddModuleToDefaultTrustDomain(newmod); + SECMOD_ReleaseReadLock(moduleLock); if (SECSuccess != rv) { SECMOD_DestroyModule(newmod); return NULL; @@ -400,10 +410,14 @@ SECStatus SECMOD_UnloadUserModule(SECMODModule *mod) { SECStatus rv = SECSuccess; int atype = 0; + SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock(); if (!mod) { return SECFailure; } + + SECMOD_GetReadLock(moduleLock); rv = STAN_RemoveModuleFromDefaultTrustDomain(mod); + SECMOD_ReleaseReadLock(moduleLock); if (SECSuccess != rv) { return SECFailure; } diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c index f59f43187..ed39a22c3 100644 --- a/security/nss/lib/pk11wrap/pk11skey.c +++ b/security/nss/lib/pk11wrap/pk11skey.c @@ -1004,6 +1004,8 @@ PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType, { PRArenaPool *arena; SECKEYPrivateKey *privKey; + PRBool isPrivate; + SECStatus rv; /* don't know? look it up */ if (keyType == nullKey) { @@ -1024,6 +1026,16 @@ PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType, } } + /* if the key is private, make sure we are authenticated to the + * token before we try to use it */ + isPrivate = (PRBool)PK11_HasAttributeSet(slot,privID,CKA_PRIVATE); + if (isPrivate) { + rv = PK11_Authenticate(slot, PR_TRUE, wincx); + if (rv != SECSuccess) { + return NULL; + } + } + /* now we need to create space for the private key */ arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE); if (arena == NULL) return NULL; @@ -3395,10 +3407,13 @@ PK11_PubUnwrapSymKey(SECKEYPrivateKey *wrappingKey, SECItem *wrappedKey, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize) { CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType); + PK11SlotInfo *slot = wrappingKey->pkcs11Slot; - PK11_HandlePasswordCheck(wrappingKey->pkcs11Slot,wrappingKey->wincx); + if (!PK11_HasAttributeSet(slot,wrappingKey->pkcs11ID,CKA_PRIVATE)) { + PK11_HandlePasswordCheck(slot,wrappingKey->wincx); + } - return pk11_AnyUnwrapKey(wrappingKey->pkcs11Slot, wrappingKey->pkcs11ID, + return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID, wrapType, NULL, wrappedKey, target, operation, keySize, wrappingKey->wincx, NULL, 0, PR_FALSE); } @@ -3413,12 +3428,15 @@ PK11_PubUnwrapSymKeyWithFlags(SECKEYPrivateKey *wrappingKey, CK_BBOOL ckTrue = CK_TRUE; CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS]; unsigned int templateCount; + PK11SlotInfo *slot = wrappingKey->pkcs11Slot; templateCount = pk11_FlagsToAttributes(flags, keyTemplate, &ckTrue); - PK11_HandlePasswordCheck(wrappingKey->pkcs11Slot,wrappingKey->wincx); + if (!PK11_HasAttributeSet(slot,wrappingKey->pkcs11ID,CKA_PRIVATE)) { + PK11_HandlePasswordCheck(slot,wrappingKey->wincx); + } - return pk11_AnyUnwrapKey(wrappingKey->pkcs11Slot, wrappingKey->pkcs11ID, + return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID, wrapType, NULL, wrappedKey, target, operation, keySize, wrappingKey->wincx, keyTemplate, templateCount, PR_FALSE); } @@ -3434,6 +3452,7 @@ PK11_PubUnwrapSymKeyWithFlagsPerm(SECKEYPrivateKey *wrappingKey, CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS]; CK_ATTRIBUTE *attrs; unsigned int templateCount; + PK11SlotInfo *slot = wrappingKey->pkcs11Slot; attrs = keyTemplate; if (isPerm) { @@ -3443,9 +3462,11 @@ PK11_PubUnwrapSymKeyWithFlagsPerm(SECKEYPrivateKey *wrappingKey, templateCount += pk11_FlagsToAttributes(flags, attrs, &cktrue); - PK11_HandlePasswordCheck(wrappingKey->pkcs11Slot,wrappingKey->wincx); + if (!PK11_HasAttributeSet(slot,wrappingKey->pkcs11ID,CKA_PRIVATE)) { + PK11_HandlePasswordCheck(slot,wrappingKey->wincx); + } - return pk11_AnyUnwrapKey(wrappingKey->pkcs11Slot, wrappingKey->pkcs11ID, + return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID, wrapType, NULL, wrappedKey, target, operation, keySize, wrappingKey->wincx, keyTemplate, templateCount, isPerm); } @@ -3569,7 +3590,9 @@ PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, SECItem *hash) mech.mechanism = pk11_mapSignKeyType(key->keyType); - PK11_HandlePasswordCheck(slot, key->wincx); + if (!PK11_HasAttributeSet(slot,key->pkcs11ID,CKA_PRIVATE)) { + PK11_HandlePasswordCheck(slot, key->wincx); + } session = pk11_GetNewSession(slot,&owner); if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot); @@ -3600,13 +3623,12 @@ PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, SECItem *hash) * then we need to move this check into some of PK11_PubDecrypt callers, * (namely SSL 2.0). */ -SECStatus -PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, +static SECStatus +pk11_PrivDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, unsigned *outLen, unsigned int maxLen, unsigned char *enc, - unsigned encLen) + unsigned encLen, CK_MECHANISM_PTR mech) { PK11SlotInfo *slot = key->pkcs11Slot; - CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 }; CK_ULONG out = maxLen; PRBool owner = PR_TRUE; CK_SESSION_HANDLE session; @@ -3621,10 +3643,12 @@ PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, * decryption? .. because the user may have asked for 'ask always' * and this is a private key operation. In practice, thought, it's mute * since only servers wind up using this function */ - PK11_HandlePasswordCheck(slot, key->wincx); + if (!PK11_HasAttributeSet(slot,key->pkcs11ID,CKA_PRIVATE)) { + PK11_HandlePasswordCheck(slot, key->wincx); + } session = pk11_GetNewSession(slot,&owner); if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot); - crv = PK11_GETTAB(slot)->C_DecryptInit(session,&mech,key->pkcs11ID); + crv = PK11_GETTAB(slot)->C_DecryptInit(session, mech, key->pkcs11ID); if (crv != CKR_OK) { if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot); pk11_CloseSession(slot,session,owner); @@ -3643,25 +3667,43 @@ PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, return SECSuccess; } -/* The encrypt version of the above function */ SECStatus -PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc, - unsigned char *data, unsigned dataLen, void *wincx) +PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, + unsigned *outLen, unsigned int maxLen, unsigned char *enc, + unsigned encLen) { - PK11SlotInfo *slot; CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 }; + return pk11_PrivDecryptRaw(key, data, outLen, maxLen, enc, encLen, &mech); +} + +SECStatus +PK11_PrivDecryptPKCS1(SECKEYPrivateKey *key, unsigned char *data, + unsigned *outLen, unsigned int maxLen, unsigned char *enc, + unsigned encLen) +{ + CK_MECHANISM mech = {CKM_RSA_PKCS, NULL, 0 }; + return pk11_PrivDecryptRaw(key, data, outLen, maxLen, enc, encLen, &mech); +} + +SECStatus +pk11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc, + unsigned char *data, unsigned dataLen, + CK_MECHANISM_PTR mech, void *wincx) +{ + PK11SlotInfo *slot; CK_OBJECT_HANDLE id; - CK_ULONG out = dataLen; + CK_ULONG out; PRBool owner = PR_TRUE; CK_SESSION_HANDLE session; CK_RV crv; - if (key->keyType != rsaKey) { + if (!key || key->keyType != rsaKey) { PORT_SetError( SEC_ERROR_BAD_KEY ); return SECFailure; } + out = SECKEY_PublicKeyStrength(key); - slot = PK11_GetBestSlot(mech.mechanism, wincx); + slot = PK11_GetBestSlot(mech->mechanism, wincx); if (slot == NULL) { PORT_SetError( SEC_ERROR_NO_MODULE ); return SECFailure; @@ -3671,7 +3713,7 @@ PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc, session = pk11_GetNewSession(slot,&owner); if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot); - crv = PK11_GETTAB(slot)->C_EncryptInit(session,&mech,id); + crv = PK11_GETTAB(slot)->C_EncryptInit(session, mech, id); if (crv != CKR_OK) { if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot); pk11_CloseSession(slot,session,owner); @@ -3690,7 +3732,22 @@ PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc, return SECSuccess; } - +SECStatus +PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc, + unsigned char *data, unsigned dataLen, void *wincx) +{ + CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 }; + return pk11_PubEncryptRaw(key, enc, data, dataLen, &mech, wincx); +} + +SECStatus +PK11_PubEncryptPKCS1(SECKEYPublicKey *key, unsigned char *enc, + unsigned char *data, unsigned dataLen, void *wincx) +{ + CK_MECHANISM mech = {CKM_RSA_PKCS, NULL, 0 }; + return pk11_PubEncryptRaw(key, enc, data, dataLen, &mech, wincx); +} + /********************************************************************** * * Now Deal with Crypto Contexts @@ -5714,3 +5771,220 @@ PK11_ConvertSessionSymKeyToTokenSymKey(PK11SymKey *symk, void *wincx) return PK11_SymKeyFromHandle(slot, NULL /*parent*/, symk->origin, symk->type, newKeyID, PR_FALSE /*owner*/, NULL /*wincx*/); } + + +/* + * return a linked, non-circular list of generic objects. + * If you are only interested + * in one object, just use the first object in the list. To find the + * rest of the list use PK11_GetNextGenericObject() to return the next object. + * + * You can walk the list with the following code: + * firstObj = PK11_FindGenericObjects(slot, objClass); + * for (thisObj=firstObj; thisObj; + * thisObj=PK11_GetNextGenericObject(thisObj)) { + * /* operate on thisObj */ +/* } + * + * If you want a particular object from the list... + * firstObj = PK11_FindGenericObjects(slot, objClass); + * for (thisObj=firstObj; thisObj; + * thisObj=PK11_GetNextGenericObject(thisObj)) { + * if (isMyObj(thisObj)) { + * if ( thisObj == firstObj) { + * /* NOTE: firstObj could be NULL at this point */ +/* firstObj = PK11_GetNextGenericObject(thsObj); + * } + * PK11_UnlinkGenericObject(thisObj); + * myObj = thisObj; + * break; + * } + * + * PK11_DestroyGenericObjects(firstObj); + * + * /* use myObj */ +/* PK11_DestroyGenericObject(myObj); + */ +PK11GenericObject * +PK11_FindGenericObjects(PK11SlotInfo *slot, CK_OBJECT_CLASS objClass) +{ + CK_ATTRIBUTE template[1]; + CK_ATTRIBUTE *attrs = template; + CK_OBJECT_HANDLE *objectIDs = NULL; + PK11GenericObject *lastObj, *obj; + PK11GenericObject *firstObj = NULL; + int i, count = 0; + + + PK11_SETATTRS(attrs, CKA_CLASS, &objClass, sizeof(objClass)); attrs++; + + objectIDs = pk11_FindObjectsByTemplate(slot,template,1,&count); + if (objectIDs == NULL) { + return NULL; + } + + /* where we connect our object once we've created it.. */ + for (i=0; i < count; i++) { + obj = PORT_New(PK11GenericObject); + if ( !obj ) { + PK11_DestroyGenericObjects(firstObj); + PORT_Free(objectIDs); + return NULL; + } + /* initialize it */ + obj->slot = PK11_ReferenceSlot(slot); + obj->objectID = objectIDs[i]; + obj->next = NULL; + obj->prev = NULL; + + /* link it in */ + if (firstObj == NULL) { + firstObj = obj; + } else { + PK11_LinkGenericObject(lastObj, obj); + } + lastObj = obj; + } + PORT_Free(objectIDs); + return firstObj; +} + +/* + * get the Next Object in the list. + */ +PK11GenericObject * +PK11_GetNextGenericObject(PK11GenericObject *object) +{ + return object->next; +} + +PK11GenericObject * +PK11_GetPrevGenericObject(PK11GenericObject *object) +{ + return object->prev; +} + +/* + * Link a single object into a new list. + * if the object is already in another list, remove it first. + */ +SECStatus +PK11_LinkGenericObject(PK11GenericObject *list, PK11GenericObject *object) +{ + PK11_UnlinkGenericObject(object); + object->prev = list; + object->next = list->next; + list->next = object; + if (object->next != NULL) { + object->next->prev = object; + } + return SECSuccess; +} + +/* + * remove an object from the list. If the object isn't already in + * a list unlink becomes a noop. + */ +SECStatus +PK11_UnlinkGenericObject(PK11GenericObject *object) +{ + if (object->prev != NULL) { + object->prev->next = object->next; + } + if (object->next != NULL) { + object->next->prev = object->prev; + } + + object->next = NULL; + object->prev = NULL; + return SECSuccess; +} + +/* + * This function removes a single object from the list and destroys it. + * For an already unlinked object there is no difference between + * PK11_DestroyGenericObject and PK11_DestroyGenericObjects + */ +SECStatus +PK11_DestroyGenericObject(PK11GenericObject *object) +{ + if (object == NULL) { + return SECSuccess; + } + + PK11_UnlinkGenericObject(object); + if (object->slot) { + PK11_FreeSlot(object->slot); + } + PORT_Free(object); + return SECSuccess; +} + +/* + * walk down a link list of generic objects destroying them. + * This will destroy all objects in a list that the object is linked into. + * (the list is traversed in both directions). + */ +SECStatus +PK11_DestroyGenericObjects(PK11GenericObject *objects) +{ + PK11GenericObject *nextObject; + PK11GenericObject *prevObject = objects->prev; + + if (objects == NULL) { + return SECSuccess; + } + + nextObject = objects->next; + prevObject = objects->prev; + + /* delete all the objects after it in the list */ + for (; objects; objects = nextObject) { + nextObject = objects->next; + PK11_DestroyGenericObject(objects); + } + /* delete all the objects before it in the list */ + for (objects = prevObject; objects; objects = nextObject) { + prevObject = objects->prev; + PK11_DestroyGenericObject(objects); + } + return SECSuccess; +} + + +SECStatus +PK11_ReadRawAttribute(PK11ObjectType objType, void *objSpec, + CK_ATTRIBUTE_TYPE attrType, SECItem *item) +{ + PK11SlotInfo *slot = NULL; + CK_OBJECT_HANDLE handle; + + switch (objType) { + case PK11_TypeGeneric: + slot = ((PK11GenericObject *)objSpec)->slot; + handle = ((PK11GenericObject *)objSpec)->objectID; + break; + case PK11_TypePrivKey: + slot = ((SECKEYPrivateKey *)objSpec)->pkcs11Slot; + handle = ((SECKEYPrivateKey *)objSpec)->pkcs11ID; + break; + case PK11_TypePubKey: + slot = ((SECKEYPublicKey *)objSpec)->pkcs11Slot; + handle = ((SECKEYPublicKey *)objSpec)->pkcs11ID; + break; + case PK11_TypeSymKey: + slot = ((PK11SymKey *)objSpec)->slot; + handle = ((PK11SymKey *)objSpec)->objectID; + break; + case PK11_TypeCert: /* don't handle cert case for now */ + default: + break; + } + if (slot == NULL) { + PORT_SetError(SEC_ERROR_UNKNOWN_OBJECT_TYPE); + return SECFailure; + } + + return PK11_ReadAttribute(slot, handle, attrType, NULL, item); +} + diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c index 875495940..7f1d078d1 100644 --- a/security/nss/lib/pk11wrap/pk11slot.c +++ b/security/nss/lib/pk11wrap/pk11slot.c @@ -906,11 +906,23 @@ PK11_GetSlotPWValues(PK11SlotInfo *slot,int *askpw, int *timeout) } /* + * Returns true if the token is needLogin and isn't logged in. + * This function is used to determine if authentication is needed + * before attempting a potentially privelleged operation. + */ +PRBool +pk11_LoginStillRequired(PK11SlotInfo *slot, void *wincx) +{ + return slot->needLogin && !PK11_IsLoggedIn(slot,wincx); +} + +/* * make sure a slot is authenticated... + * This function only does the authentication if it is needed. */ SECStatus PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx) { - if (slot->needLogin && !PK11_IsLoggedIn(slot,wincx)) { + if (pk11_LoginStillRequired(slot,wincx)) { return PK11_DoPassword(slot,loadCerts,wincx); } return SECSuccess; @@ -1244,6 +1256,11 @@ void PK11_LogoutAll(void) SECMODModuleList *mlp = NULL; int i; + /* NSS is not initialized, there are not tokens to log out */ + if (lock == NULL) { + return; + } + SECMOD_GetReadLock(lock); /* find the number of entries */ for (mlp = modList; mlp != NULL; mlp = mlp->next) { @@ -2644,7 +2661,7 @@ PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts, if (needRW && slot->readOnly) continue; if ((type == CKM_INVALID_MECHANISM) || PK11_DoesMechanism(slot, type)) { - if (slot->needLogin && !PK11_IsLoggedIn(slot, wincx)) { + if (pk11_LoginStillRequired(slot,wincx)) { if (PK11_IsFriendly(slot)) { PK11_AddSlotToList(friendlyList, slot); } else { diff --git a/security/nss/lib/pk11wrap/pk11util.c b/security/nss/lib/pk11wrap/pk11util.c index 30c828a1d..b54e8792e 100644 --- a/security/nss/lib/pk11wrap/pk11util.c +++ b/security/nss/lib/pk11wrap/pk11util.c @@ -58,7 +58,8 @@ extern int num_pk11_default_mechanisms; void -SECMOD_Init() { +SECMOD_Init() +{ /* don't initialize twice */ if (moduleLock) return; @@ -68,7 +69,8 @@ SECMOD_Init() { SECStatus -SECMOD_Shutdown() { +SECMOD_Shutdown() +{ /* destroy the lock */ if (moduleLock) { SECMOD_DestroyListLock(moduleLock); @@ -124,13 +126,15 @@ SECMOD_Shutdown() { * retrieve the internal module */ SECMODModule * -SECMOD_GetInternalModule(void) { +SECMOD_GetInternalModule(void) +{ return internalModule; } SECStatus -secmod_AddModuleToList(SECMODModuleList **moduleList,SECMODModule *newModule) { +secmod_AddModuleToList(SECMODModuleList **moduleList,SECMODModule *newModule) +{ SECMODModuleList *mlp, *newListElement, *last = NULL; newListElement = SECMOD_NewModuleListElement(); @@ -158,7 +162,8 @@ secmod_AddModuleToList(SECMODModuleList **moduleList,SECMODModule *newModule) { } SECStatus -SECMOD_AddModuleToList(SECMODModule *newModule) { +SECMOD_AddModuleToList(SECMODModule *newModule) +{ if (newModule->internal && !internalModule) { internalModule = SECMOD_ReferenceModule(newModule); } @@ -166,7 +171,8 @@ SECMOD_AddModuleToList(SECMODModule *newModule) { } SECStatus -SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule) { +SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule) +{ if (defaultDBModule == NULL) { defaultDBModule = SECMOD_ReferenceModule(newModule); } @@ -174,16 +180,29 @@ SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule) { } SECStatus -SECMOD_AddModuleToUnloadList(SECMODModule *newModule) { +SECMOD_AddModuleToUnloadList(SECMODModule *newModule) +{ return secmod_AddModuleToList(&modulesUnload,newModule); } /* * get the list of PKCS11 modules that are available. */ -SECMODModuleList *SECMOD_GetDefaultModuleList() { return modules; } +SECMODModuleList * SECMOD_GetDefaultModuleList() { return modules; } SECMODModuleList *SECMOD_GetDeadModuleList() { return modulesUnload; } SECMODModuleList *SECMOD_GetDBModuleList() { return modulesDB; } + +/* + * This lock protects the global module lists. + * it also protects changes to the slot array (module->slots[]) and slot count + * (module->slotCount) in each module. It is a read/write lock with multiple + * readers or one writer. Writes are uncommon. + * Because of legacy considerations protection of the slot array and count is + * only necessary in applications if the application calls + * SECMOD_UpdateSlotList() or SECMOD_WaitForAnyTokenEvent(), though all new + * applications are encouraged to acquire this lock when reading the + * slot array information directly. + */ SECMODListLock *SECMOD_GetDefaultModuleListLock() { return moduleLock; } @@ -192,7 +211,9 @@ SECMODListLock *SECMOD_GetDefaultModuleListLock() { return moduleLock; } * find a module by name, and add a reference to it. * return that module. */ -SECMODModule *SECMOD_FindModule(const char *name) { +SECMODModule * +SECMOD_FindModule(const char *name) +{ SECMODModuleList *mlp; SECMODModule *module = NULL; @@ -225,7 +246,9 @@ found: * find a module by ID, and add a reference to it. * return that module. */ -SECMODModule *SECMOD_FindModuleByID(SECMODModuleID id) { +SECMODModule * +SECMOD_FindModuleByID(SECMODModuleID id) +{ SECMODModuleList *mlp; SECMODModule *module = NULL; @@ -238,30 +261,53 @@ SECMODModule *SECMOD_FindModuleByID(SECMODModuleID id) { } } SECMOD_ReleaseReadLock(moduleLock); - + if (module == NULL) { + PORT_SetError(SEC_ERROR_NO_MODULE); + } return module; } /* - * lookup the Slot module based on it's module ID and slot ID. + * Find the Slot based on ID and the module. */ -PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID moduleID,CK_SLOT_ID slotID) { +PK11SlotInfo * +SECMOD_FindSlotByID(SECMODModule *module, CK_SLOT_ID slotID) +{ int i; - SECMODModule *module; - - module = SECMOD_FindModuleByID(moduleID); - if (module == NULL) return NULL; + PK11SlotInfo *slot = NULL; + SECMOD_GetReadLock(moduleLock); for (i=0; i < module->slotCount; i++) { - PK11SlotInfo *slot = module->slots[i]; + PK11SlotInfo *cSlot = module->slots[i]; - if (slot->slotID == slotID) { - SECMOD_DestroyModule(module); - return PK11_ReferenceSlot(slot); + if (cSlot->slotID == slotID) { + slot = PK11_ReferenceSlot(cSlot); + break; } } + SECMOD_ReleaseReadLock(moduleLock); + + if (slot == NULL) { + PORT_SetError(SEC_ERROR_NO_SLOT_SELECTED); + } + return slot; +} + +/* + * lookup the Slot module based on it's module ID and slot ID. + */ +PK11SlotInfo * +SECMOD_LookupSlot(SECMODModuleID moduleID,CK_SLOT_ID slotID) +{ + SECMODModule *module; + PK11SlotInfo *slot; + + module = SECMOD_FindModuleByID(moduleID); + if (module == NULL) return NULL; + + slot = SECMOD_FindSlotByID(module, slotID); SECMOD_DestroyModule(module); - return NULL; + return slot; } @@ -334,7 +380,8 @@ found: * find a module by name and delete it off the module list */ SECStatus -SECMOD_DeleteModule(const char *name, int *type) { +SECMOD_DeleteModule(const char *name, int *type) +{ return SECMOD_DeleteModuleEx(name, NULL, type, PR_TRUE); } @@ -342,7 +389,8 @@ SECMOD_DeleteModule(const char *name, int *type) { * find a module by name and delete it off the module list */ SECStatus -SECMOD_DeleteInternalModule(const char *name) { +SECMOD_DeleteInternalModule(const char *name) +{ SECMODModuleList *mlp; SECMODModuleList **mlpp; SECStatus rv = SECFailure; @@ -414,7 +462,8 @@ SECMOD_DeleteInternalModule(const char *name) { } SECStatus -SECMOD_AddModule(SECMODModule *newModule) { +SECMOD_AddModule(SECMODModule *newModule) +{ SECStatus rv; SECMODModule *oldModule; @@ -446,10 +495,14 @@ SECMOD_AddModule(SECMODModule *newModule) { return rv; } -PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,const char *name) { +PK11SlotInfo * +SECMOD_FindSlot(SECMODModule *module,const char *name) +{ int i; char *string; + PK11SlotInfo *retSlot = NULL; + SECMOD_GetReadLock(moduleLock); for (i=0; i < module->slotCount; i++) { PK11SlotInfo *slot = module->slots[i]; @@ -459,10 +512,17 @@ PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,const char *name) { string = PK11_GetSlotName(slot); } if (PORT_Strcmp(name,string) == 0) { - return PK11_ReferenceSlot(slot); + retSlot = PK11_ReferenceSlot(slot); + break; } } + SECMOD_ReleaseReadLock(moduleLock); + + if (retSlot == NULL) { + PORT_SetError(SEC_ERROR_NO_SLOT_SELECTED); + } return NULL; + return retSlot; } SECStatus @@ -497,11 +557,12 @@ PK11_IsFIPS(void) /* combines NewModule() & AddModule */ /* give a string for the module name & the full-path for the dll, */ /* installs the PKCS11 module & update registry */ -SECStatus SECMOD_AddNewModuleEx(const char* moduleName, const char* dllPath, +SECStatus +SECMOD_AddNewModuleEx(const char* moduleName, const char* dllPath, unsigned long defaultMechanismFlags, unsigned long cipherEnableFlags, - char* modparms, - char* nssparms) { + char* modparms, char* nssparms) +{ SECMODModule *module; SECStatus result = SECFailure; int s,i; @@ -522,26 +583,28 @@ SECStatus SECMOD_AddNewModuleEx(const char* moduleName, const char* dllPath, /* turn on SSL cipher enable flags */ module->ssl[0] = cipherEnableFlags; + SECMOD_GetReadLock(moduleLock); /* check each slot to turn on appropriate mechanisms */ for (s = 0; s < module->slotCount; s++) { slot = (module->slots)[s]; /* for each possible mechanism */ for (i=0; i < num_pk11_default_mechanisms; i++) { /* we are told to turn it on by default ? */ - if (PK11_DefaultArray[i].flag & defaultMechanismFlags) { - /* it ignores if slot attribute update failes */ - result = PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), PR_TRUE); - } else { /* turn this mechanism of the slot off by default */ - result = PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), PR_FALSE); - } + PRBool add = + (PK11_DefaultArray[i].flag & defaultMechanismFlags) ? + PR_TRUE: PR_FALSE; + result = PK11_UpdateSlotAttribute(slot, + &(PK11_DefaultArray[i]), add); } /* for each mechanism */ /* disable each slot if the defaultFlags say so */ if (defaultMechanismFlags & PK11_DISABLE_FLAG) { PK11_UserDisableSlot(slot); } } /* for each slot of this module */ + SECMOD_ReleaseReadLock(moduleLock); - /* delete and re-add module in order to save changes to the module */ + /* delete and re-add module in order to save changes + * to the module */ result = SECMOD_UpdateModule(module); } } @@ -550,7 +613,8 @@ SECStatus SECMOD_AddNewModuleEx(const char* moduleName, const char* dllPath, return result; } -SECStatus SECMOD_AddNewModule(const char* moduleName, const char* dllPath, +SECStatus +SECMOD_AddNewModule(const char* moduleName, const char* dllPath, unsigned long defaultMechanismFlags, unsigned long cipherEnableFlags) { @@ -559,7 +623,8 @@ SECStatus SECMOD_AddNewModule(const char* moduleName, const char* dllPath, NULL, NULL); /* don't pass module or nss params */ } -SECStatus SECMOD_UpdateModule(SECMODModule *module) +SECStatus +SECMOD_UpdateModule(SECMODModule *module) { SECStatus result; @@ -578,7 +643,9 @@ SECStatus SECMOD_UpdateModule(SECMODModule *module) * puts RANDOM_FLAG at bit 31 (Most-significant bit), but * public representation puts this bit at bit 28 */ -unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags) { +unsigned long +SECMOD_PubMechFlagstoInternal(unsigned long publicFlags) +{ unsigned long internalFlags = publicFlags; if (publicFlags & PUBLIC_MECH_RANDOM_FLAG) { @@ -588,7 +655,9 @@ unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags) { return internalFlags; } -unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags) { +unsigned long +SECMOD_InternaltoPubMechFlags(unsigned long internalFlags) +{ unsigned long publicFlags = internalFlags; if (internalFlags & SECMOD_RANDOM_FLAG) { @@ -602,11 +671,15 @@ unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags) { /* Public & Internal(Security Library) representation of */ /* cipher flags conversion */ /* Note: currently they are just stubs */ -unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags) { +unsigned long +SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags) +{ return publicFlags; } -unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags) { +unsigned long +SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags) +{ return internalFlags; } @@ -620,7 +693,8 @@ SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags ) for ( ; mods != NULL; mods = mods->next) { - if (mods->module->ssl[0] & SECMOD_PubCipherFlagstoInternal(pubCipherEnableFlags)) { + if (mods->module->ssl[0] & + SECMOD_PubCipherFlagstoInternal(pubCipherEnableFlags)) { result = PR_TRUE; } } @@ -630,7 +704,8 @@ SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags ) } /* create a new ModuleListElement */ -SECMODModuleList *SECMOD_NewModuleListElement(void) { +SECMODModuleList *SECMOD_NewModuleListElement(void) +{ SECMODModuleList *newModList; newModList= (SECMODModuleList *) PORT_Alloc(sizeof(SECMODModuleList)); @@ -640,11 +715,13 @@ SECMODModuleList *SECMOD_NewModuleListElement(void) { } return newModList; } + /* * make a new reference to a module so It doesn't go away on us */ SECMODModule * -SECMOD_ReferenceModule(SECMODModule *module) { +SECMOD_ReferenceModule(SECMODModule *module) +{ PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);) PORT_Assert(module->refCount > 0); @@ -656,7 +733,8 @@ SECMOD_ReferenceModule(SECMODModule *module) { /* destroy an existing module */ void -SECMOD_DestroyModule(SECMODModule *module) { +SECMOD_DestroyModule(SECMODModule *module) +{ PRBool willfree = PR_FALSE; int slotCount; int i; @@ -703,7 +781,8 @@ SECMOD_DestroyModule(SECMODModule *module) { /* we can only get here if we've destroyed the module, or some one has * erroneously freed a slot that wasn't referenced. */ void -SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot) { +SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot) +{ PRBool willfree = PR_FALSE; if (fromSlot) { PORT_Assert(module->refCount == 0); @@ -733,7 +812,8 @@ SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot) { * on the chain. It makes it easy to implement for loops to delete * the chain. It also make deleting a single element easy */ SECMODModuleList * -SECMOD_DestroyModuleListElement(SECMODModuleList *element) { +SECMOD_DestroyModuleListElement(SECMODModuleList *element) +{ SECMODModuleList *next = element->next; if (element->module) { @@ -749,7 +829,8 @@ SECMOD_DestroyModuleListElement(SECMODModuleList *element) { * Destroy an entire module list */ void -SECMOD_DestroyModuleList(SECMODModuleList *list) { +SECMOD_DestroyModuleList(SECMODModuleList *list) +{ SECMODModuleList *lp; for ( lp = list; lp != NULL; lp = SECMOD_DestroyModuleListElement(lp)) ; @@ -760,3 +841,330 @@ SECMOD_CanDeleteInternalModule(void) { return (PRBool) (pendingModule == NULL); } + +/* + * check to see if the module has added new slots. PKCS 11 v2.20 allows for + * modules to add new slots, but never remove them. Slots cannot be added + * between a call to C_GetSlotLlist(Flag, NULL, &count) and the subsequent + * C_GetSlotList(flag, &data, &count) so that the array doesn't accidently + * grow on the caller. It is permissible for the slots to increase between + * successive calls with NULL to get the size. + */ +SECStatus +SECMOD_UpdateSlotList(SECMODModule *mod) +{ + CK_RV crv; + int count,i, oldCount; + PRBool freeRef = PR_FALSE; + void *mark; + CK_ULONG *slotIDs = NULL; + PK11SlotInfo **newSlots = NULL; + PK11SlotInfo **oldSlots = NULL; + + /* C_GetSlotList is not a session function, make sure + * calls are serialized */ + PZ_Lock(mod->refLock); + freeRef = PR_TRUE; + /* see if the number of slots have changed */ + crv = PK11_GETTAB(mod)->C_GetSlotList(PR_FALSE, NULL, &count); + if (crv != CKR_OK) { + PORT_SetError(PK11_MapError(crv)); + goto loser; + } + /* nothing new, blow out early, we want this function to be quick + * and cheap in the normal case */ + if (count == mod->slotCount) { + PZ_Unlock(mod->refLock); + return SECSuccess; + } + if (count < mod->slotCount) { + /* shouldn't happen with a properly functioning PKCS #11 module */ + PORT_SetError( SEC_ERROR_INCOMPATIBLE_PKCS11 ); + goto loser; + } + + /* get the new slot list */ + slotIDs = PORT_NewArray(CK_SLOT_ID, count); + if (slotIDs == NULL) { + goto loser; + } + + crv = PK11_GETTAB(mod)->C_GetSlotList(PR_FALSE, slotIDs, &count); + if (crv != CKR_OK) { + PORT_SetError(PK11_MapError(crv)); + goto loser; + } + freeRef = PR_FALSE; + PZ_Unlock(mod->refLock); + mark = PORT_ArenaMark(mod->arena); + if (mark == NULL) { + goto loser; + } + newSlots = PORT_ArenaZNewArray(mod->arena,PK11SlotInfo *,count); + + /* walk down the new slot ID list returned from the module. We keep + * the old slots which match a returned ID, and we initialize the new + * slots. */ + for (i=0; i < count; i++) { + PK11SlotInfo *slot = SECMOD_FindSlotByID(mod,slotIDs[i]); + + if (!slot) { + /* we have a new slot create a new slot data structure */ + slot = PK11_NewSlotInfo(mod); + if (!slot) { + goto loser; + } + PK11_InitSlot(mod, slotIDs[i], slot); + STAN_InitTokenForSlotInfo(NULL, slot); + } + newSlots[i] = slot; + } + STAN_ResetTokenInterator(NULL); + PORT_Free(slotIDs); + slotIDs = NULL; + PORT_ArenaUnmark(mod->arena, mark); + + /* until this point we're still using the old slot list. Now we update + * module slot list. We update the slots (array) first then the count, + * since we've already guarrenteed that count has increased (just in case + * someone is looking at the slots field of module without holding the + * moduleLock */ + SECMOD_GetWriteLock(moduleLock); + oldCount =mod->slotCount; + oldSlots = mod->slots; + mod->slots = newSlots; /* typical arena 'leak'... old mod->slots is + * allocated out of the module arena and won't + * be freed until the module is freed */ + mod->slotCount = count; + SECMOD_ReleaseWriteLock(moduleLock); + /* free our old references before forgetting about oldSlot*/ + for (i=0; i < oldCount; i++) { + PK11_FreeSlot(oldSlots[i]); + } + return SECSuccess; + +loser: + if (freeRef) { + PZ_Unlock(mod->refLock); + } + if (slotIDs) { + PORT_Free(slotIDs); + } + /* free all the slots we allocated. newSlots are part of the + * mod arena. NOTE: the newSlots array contain both new and old + * slots, but we kept a reference to the old slots when we built the new + * array, so we need to free all the slots in newSlots array. */ + if (newSlots) { + for (i=0; i < count; i++) { + if (newSlots[i] == NULL) { + break; /* hit the last one */ + } + PK11_FreeSlot(newSlots[i]); + } + } + /* must come after freeing newSlots */ + if (mark) { + PORT_ArenaRelease(mod->arena, mark); + } + return SECFailure; +} + +/* + * this handles modules that do not support C_WaitForSlotEvent(). + * The internal flags are stored. Note that C_WaitForSlotEvent() does not + * have a timeout, so we don't have one for handleWaitForSlotEvent() either. + */ +PK11SlotInfo * +secmod_HandleWaitForSlotEvent(SECMODModule *mod, unsigned long flags, + PRIntervalTime latency) +{ + PRBool removableSlotsFound = PR_FALSE; + int i; + int error = SEC_ERROR_NO_EVENT; + + PZ_Lock(mod->refLock); + if (mod->evControlMask & SECMOD_END_WAIT) { + mod->evControlMask &= ~SECMOD_END_WAIT; + PZ_Unlock(mod->refLock); + PORT_SetError(SEC_ERROR_NO_EVENT); + return NULL; + } + mod->evControlMask |= SECMOD_WAIT_SIMULATED_EVENT; + while (mod->evControlMask & SECMOD_WAIT_SIMULATED_EVENT) { + PZ_Unlock(mod->refLock); + /* now is a good time to see if new slots have been added */ + SECMOD_UpdateSlotList(mod); + + /* loop through all the slots on a module */ + SECMOD_GetReadLock(moduleLock); + for (i=0; i < mod->slotCount; i++) { + PK11SlotInfo *slot = mod->slots[i]; + uint16 series; + PRBool present; + + /* perm modules do not change */ + if (slot->isPerm) { + continue; + } + removableSlotsFound = PR_TRUE; + /* simulate the PKCS #11 module flags. are the flags different + * from the last time we called? */ + series = slot->series; + present = PK11_IsPresent(slot); + if ((slot->flagSeries != series) || (slot->flagState != present)) { + slot->flagState = present; + slot->flagSeries = series; + SECMOD_ReleaseReadLock(moduleLock); + PZ_Lock(mod->refLock); + mod->evControlMask &= ~SECMOD_END_WAIT; + PZ_Unlock(mod->refLock); + return PK11_ReferenceSlot(slot); + } + } + SECMOD_ReleaseReadLock(moduleLock); + /* if everything was perm modules, don't lock up forever */ + if (!removableSlotsFound) { + error =SEC_ERROR_NO_SLOT_SELECTED; + PZ_Lock(mod->refLock); + break; + } + if (flags & CKF_DONT_BLOCK) { + PZ_Lock(mod->refLock); + break; + } + PR_Sleep(latency); + PZ_Lock(mod->refLock); + } + mod->evControlMask &= ~SECMOD_END_WAIT; + PZ_Unlock(mod->refLock); + PORT_SetError(error); + return NULL; +} + +/* + * this function waits for a token event on any slot of a given module + * This function should not be called from more than one thread of the + * same process (though other threads can make other library calls + * on this module while this call is blocked). + */ +PK11SlotInfo * +SECMOD_WaitForAnyTokenEvent(SECMODModule *mod, unsigned long flags, + PRIntervalTime latency) +{ + CK_SLOT_ID id; + CK_RV crv; + PK11SlotInfo *slot; + + /* first the the PKCS #11 call */ + PZ_Lock(mod->refLock); + if (mod->evControlMask & SECMOD_END_WAIT) { + goto end_wait; + } + mod->evControlMask |= SECMOD_WAIT_PKCS11_EVENT; + PZ_Unlock(mod->refLock); + crv = PK11_GETTAB(mod)->C_WaitForSlotEvent(flags, &id, NULL); + PZ_Lock(mod->refLock); + mod->evControlMask &= ~SECMOD_WAIT_PKCS11_EVENT; + /* if we are in end wait, short circuit now, don't even risk + * going into secmod_HandleWaitForSlotEvent */ + if (mod->evControlMask & SECMOD_END_WAIT) { + goto end_wait; + } + PZ_Unlock(mod->refLock); + if (crv == CKR_FUNCTION_NOT_SUPPORTED) { + /* module doesn't support that call, simulate it */ + return secmod_HandleWaitForSlotEvent(mod, flags, latency); + } + if (crv != CKR_OK) { + /* we can get this error if finalize was called while we were + * still running. This is the only way to force a C_WaitForSlotEvent() + * to return in PKCS #11. In this case, just return that there + * was no event. */ + if (crv == CKR_CRYPTOKI_NOT_INITIALIZED) { + PORT_SetError(SEC_ERROR_NO_EVENT); + } else { + PORT_SetError(PK11_MapError(crv)); + } + return NULL; + } + slot = SECMOD_FindSlotByID(mod, id); + if (slot == NULL) { + /* possibly a new slot that was added? */ + SECMOD_UpdateSlotList(mod); + slot = SECMOD_FindSlotByID(mod, id); + } + return slot; + + /* must be called with the lock on. */ +end_wait: + mod->evControlMask &= ~SECMOD_END_WAIT; + PZ_Unlock(mod->refLock); + PORT_SetError(SEC_ERROR_NO_EVENT); + return NULL; +} + +/* + * This function "wakes up" WaitForAnyTokenEvent. It's a pretty drastic + * function, possibly bringing down the pkcs #11 module in question. This + * should be OK because 1) it does reinitialize, and 2) it should only be + * called when we are on our way to tear the whole system down anyway. + */ +SECStatus +SECMOD_CancelWait(SECMODModule *mod) +{ + unsigned long controlMask = mod->evControlMask; + SECStatus rv = SECSuccess; + CK_RV crv; + + PZ_Lock(mod->refLock); + mod->evControlMask |= SECMOD_END_WAIT; + controlMask = mod->evControlMask; + if (controlMask & SECMOD_WAIT_PKCS11_EVENT) { + /* NOTE: this call will drop all transient keys, in progress + * operations, and any authentication. This is the only documented + * way to get WaitForSlotEvent to return. Also note: for non-thread + * safe tokens, we need to hold the module lock, this is not yet at + * system shutdown/starup time, so we need to protect these calls */ + crv = PK11_GETTAB(mod)->C_Finalize(NULL); + /* ok, we slammed the module down, now we need to reinit it in case + * we intend to use it again */ + if (crv = CKR_OK) { + secmod_ModuleInit(mod); + } else { + /* Finalized failed for some reason, notify the application + * so maybe it has a prayer of recovering... */ + PORT_SetError(PK11_MapError(crv)); + rv = SECFailure; + } + } else if (controlMask & SECMOD_WAIT_SIMULATED_EVENT) { + mod->evControlMask &= ~SECMOD_WAIT_SIMULATED_EVENT; + /* Simulated events will eventually timeout + * and wake up in the loop */ + } + PZ_Unlock(mod->refLock); + return rv; +} + +/* + * check to see if the module has removable slots that we may need to + * watch for. + */ +PRBool +SECMOD_HasRemovableSlots(SECMODModule *mod) +{ + int i; + PRBool ret = PR_FALSE; + + SECMOD_GetReadLock(moduleLock); + for (i=0; i < mod->slotCount; i++) { + PK11SlotInfo *slot = mod->slots[i]; + /* perm modules are not inserted or removed */ + if (slot->isPerm) { + continue; + } + ret = PR_TRUE; + break; + } + SECMOD_ReleaseReadLock(moduleLock); + return ret; +} diff --git a/security/nss/lib/pk11wrap/secmod.h b/security/nss/lib/pk11wrap/secmod.h index 1c29486ab..a973de0d8 100644 --- a/security/nss/lib/pk11wrap/secmod.h +++ b/security/nss/lib/pk11wrap/secmod.h @@ -37,6 +37,7 @@ #define _SEDMOD_H_ #include "seccomon.h" #include "secmodt.h" +#include "prinrval.h" #define PKCS11_USE_THREADS @@ -157,6 +158,25 @@ extern unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags); extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags); extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags); +PRBool SECMOD_HasRemovableSlots(SECMODModule *mod); +PK11SlotInfo *SECMOD_WaitForAnyTokenEvent(SECMODModule *mod, + unsigned long flags, PRIntervalTime latency); +/* + * Warning: the SECMOD_CancelWait function is highly destructive, potentially + * finalizing the module 'mod' (causing inprogress operations to fail, + * and session key material to disappear). It should only be called when + * shutting down the module. + */ +SECStatus SECMOD_CancelWait(SECMODModule *mod); +/* + * check to see if the module has added new slots. PKCS 11 v2.20 allows for + * modules to add new slots, but never remove them. Slots not be added between + * a call to C_GetSlotLlist(Flag, NULL, &count) and the corresponding + * C_GetSlotList(flag, &data, &count) so that the array doesn't accidently + * grow on the caller. It is permissible for the slots to increase between + * corresponding calls with NULL to get the size. + */ +SECStatus SECMOD_UpdateSlotList(SECMODModule *mod); SEC_END_PROTOS #endif diff --git a/security/nss/lib/pk11wrap/secmodi.h b/security/nss/lib/pk11wrap/secmodi.h index 82e9cb2c7..8542e6f33 100644 --- a/security/nss/lib/pk11wrap/secmodi.h +++ b/security/nss/lib/pk11wrap/secmodi.h @@ -60,6 +60,7 @@ extern SECStatus SECMOD_AddPermDB(SECMODModule *module); extern int secmod_PrivateModuleCount; extern void SECMOD_Init(void); +SECStatus secmod_ModuleInit(SECMODModule *mod); /* list managment */ extern SECStatus SECMOD_AddModuleToList(SECMODModule *newModule); @@ -114,4 +115,6 @@ extern void pk11sdr_Shutdown(void); SEC_END_PROTOS #endif +PRBool pk11_LoginStillRequired(PK11SlotInfo *slot, void *wincx); + diff --git a/security/nss/lib/pk11wrap/secmodt.h b/security/nss/lib/pk11wrap/secmodt.h index 4d34e87c3..01743944b 100644 --- a/security/nss/lib/pk11wrap/secmodt.h +++ b/security/nss/lib/pk11wrap/secmodt.h @@ -62,6 +62,7 @@ typedef struct PK11SlotListElementStr PK11SlotListElement; typedef struct PK11RSAGenParamsStr PK11RSAGenParams; typedef unsigned long SECMODModuleID; typedef struct PK11DefaultArrayEntryStr PK11DefaultArrayEntry; +typedef struct PK11GenericObjectStr PK11GenericObject; struct SECMODModuleStr { PRArenaPool *arena; @@ -92,8 +93,26 @@ struct SECMODModuleStr { PRBool moduleDBOnly; /* this module only has lists of PKCS #11 modules */ int trustOrder; /* order for this module's certificate trust rollup */ int cipherOrder; /* order for cipher operations */ + unsigned long evControlMask; /* control the running and shutdown of slot + * events (SECMOD_WaitForAnyTokenEvent) */ }; +/* evControlMask flags */ +/* + * These bits tell the current state of a SECMOD_WaitForAnyTokenEvent. + * + * SECMOD_WAIT_PKCS11_EVENT - we're waiting in the PKCS #11 module in + * C_WaitForSlotEvent(). + * SECMOD_WAIT_SIMULATED_EVENT - we're waiting in the NSS simulation code + * which polls for token insertion and removal events. + * SECMOD_END_WAIT - SECMOD_CancelWait has been called while the module is + * waiting in SECMOD_WaitForAnyTokenEvent. SECMOD_WaitForAnyTokenEvent + * should return immediately to it's caller. + */ +#define SECMOD_END_WAIT 0x01 +#define SECMOD_WAIT_SIMULATED_EVENT 0x02 +#define SECMOD_WAIT_PKCS11_EVENT 0x04 + struct SECMODModuleListStr { SECMODModuleList *next; SECMODModule *module; @@ -212,6 +231,17 @@ typedef enum { PK11_DIS_TOKEN_NOT_PRESENT = 4 } PK11DisableReasons; +/* types of PKCS #11 objects */ +typedef enum { + PK11_TypeGeneric = 0, + PK11_TypePrivKey = 1, + PK11_TypePubKey = 2, + PK11_TypeCert = 3, + PK11_TypeSymKey = 4 +} PK11ObjectType; + + + /* function pointer type for password callback function. * This type is passed in to PK11_SetPasswordFunc() */ diff --git a/security/nss/lib/pk11wrap/secmodti.h b/security/nss/lib/pk11wrap/secmodti.h index b991b46e8..5763bc28c 100644 --- a/security/nss/lib/pk11wrap/secmodti.h +++ b/security/nss/lib/pk11wrap/secmodti.h @@ -44,6 +44,8 @@ #ifndef NSS_3_4_CODE #define NSS_3_4_CODE +#include "secmodt.h" +#include "pkcs11t.h" #endif /* NSS_3_4_CODE */ #include "nssdevt.h" @@ -108,6 +110,10 @@ struct PK11SlotInfoStr { uint16 series; /* break up the slot info into various groups of * inserted tokens so that keys and certs can be * invalidated */ + uint16 flagSeries; /* record the last series for the last event + * returned for this slot */ + PRBool flagState; /* record the state of the last event returned for this + * slot. */ uint16 wrapKey; /* current wrapping key for SSL master secrets */ CK_MECHANISM_TYPE wrapMechanism; /* current wrapping mechanism for current wrapKey */ @@ -189,3 +195,14 @@ struct PK11ContextStr { }; #endif /* _SECMODTI_H_ */ +/* + * structure to hold a pointer to a unique PKCS #11 object + * (pointer to the slot and the object id). + */ +struct PK11GenericObjectStr { + PK11GenericObject *prev; + PK11GenericObject *next; + PK11SlotInfo *slot; + CK_OBJECT_HANDLE objectID; +}; + diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c index eb8dd7f78..ffc5c9b64 100644 --- a/security/nss/lib/pki/pki3hack.c +++ b/security/nss/lib/pki/pki3hack.c @@ -91,12 +91,39 @@ extern const NSSError NSS_ERROR_ALREADY_INITIALIZED; extern const NSSError NSS_ERROR_INTERNAL_ERROR; NSS_IMPLEMENT PRStatus +STAN_InitTokenForSlotInfo(NSSTrustDomain *td, PK11SlotInfo *slot) +{ + NSSToken *token; + if (!td) { + td = g_default_trust_domain; + } + token = nssToken_CreateFromPK11SlotInfo(td, slot); + PK11Slot_SetNSSToken(slot, token); + NSSRWLock_LockWrite(td->tokensLock); + nssList_Add(td->tokenList, token); + NSSRWLock_UnlockWrite(td->tokensLock); + return PR_SUCCESS; +} + +NSS_IMPLEMENT PRStatus +STAN_ResetTokenInterator(NSSTrustDomain *td) +{ + if (!td) { + td = g_default_trust_domain; + } + NSSRWLock_LockWrite(td->tokensLock); + nssListIterator_Destroy(td->tokens); + td->tokens = nssList_CreateIterator(td->tokenList); + NSSRWLock_UnlockWrite(td->tokensLock); + return PR_SUCCESS; +} + +NSS_IMPLEMENT PRStatus STAN_LoadDefaultNSS3TrustDomain ( void ) { NSSTrustDomain *td; - NSSToken *token; SECMODModuleList *mlp; SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock(); int i; @@ -110,41 +137,48 @@ STAN_LoadDefaultNSS3TrustDomain ( if (!td) { return PR_FAILURE; } - td->tokenList = nssList_Create(td->arena, PR_TRUE); + /* + * Deadlock warning: we should never acquire the moduleLock while + * we hold the tokensLock. We can use the NSSRWLock Rank feature to + * guarrentee this. tokensLock have a higher rank than module lock. + */ SECMOD_GetReadLock(moduleLock); + NSSRWLock_LockWrite(td->tokensLock); + td->tokenList = nssList_Create(td->arena, PR_TRUE); for (mlp = SECMOD_GetDefaultModuleList(); mlp != NULL; mlp=mlp->next) { for (i=0; i < mlp->module->slotCount; i++) { - token = nssToken_CreateFromPK11SlotInfo(td, mlp->module->slots[i]); - PK11Slot_SetNSSToken(mlp->module->slots[i], token); - nssList_Add(td->tokenList, token); + STAN_InitTokenForSlotInfo(td, mlp->module->slots[i]); } } - SECMOD_ReleaseReadLock(moduleLock); td->tokens = nssList_CreateIterator(td->tokenList); + NSSRWLock_UnlockWrite(td->tokensLock); + SECMOD_ReleaseReadLock(moduleLock); g_default_trust_domain = td; g_default_crypto_context = NSSTrustDomain_CreateCryptoContext(td, NULL); return PR_SUCCESS; } +/* + * must be called holding the ModuleListLock (either read or write). + */ NSS_IMPLEMENT SECStatus STAN_AddModuleToDefaultTrustDomain ( SECMODModule *module ) { - NSSToken *token; NSSTrustDomain *td; int i; td = STAN_GetDefaultTrustDomain(); for (i=0; i<module->slotCount; i++) { - token = nssToken_CreateFromPK11SlotInfo(td, module->slots[i]); - PK11Slot_SetNSSToken(module->slots[i], token); - nssList_Add(td->tokenList, token); + STAN_InitTokenForSlotInfo(td, module->slots[i]); } - nssListIterator_Destroy(td->tokens); - td->tokens = nssList_CreateIterator(td->tokenList); + STAN_ResetTokenInterator(td); return SECSuccess; } +/* + * must be called holding the ModuleListLock (either read or write). + */ NSS_IMPLEMENT SECStatus STAN_RemoveModuleFromDefaultTrustDomain ( SECMODModule *module @@ -154,6 +188,7 @@ STAN_RemoveModuleFromDefaultTrustDomain ( NSSTrustDomain *td; int i; td = STAN_GetDefaultTrustDomain(); + NSSRWLock_LockWrite(td->tokensLock); for (i=0; i<module->slotCount; i++) { token = PK11Slot_GetNSSToken(module->slots[i]); if (token) { @@ -165,6 +200,7 @@ STAN_RemoveModuleFromDefaultTrustDomain ( } nssListIterator_Destroy(td->tokens); td->tokens = nssList_CreateIterator(td->tokenList); + NSSRWLock_UnlockWrite(td->tokensLock); return SECSuccess; } @@ -792,6 +828,23 @@ STAN_GetCERTCertificate(NSSCertificate *c) { return stan_GetCERTCertificate(c, PR_FALSE); } +/* + * Many callers of STAN_GetCERTCertificate() intend that + * the CERTCertificate returned inherits the reference to the + * NSSCertificate. For these callers it's convenient to have + * this function 'own' the reference and either return a valid + * CERTCertificate structure which inherits the reference or + * destroy the reference to NSSCertificate and returns NULL. + */ +NSS_IMPLEMENT CERTCertificate * +STAN_GetCERTCertificateOrRelease(NSSCertificate *c) +{ + CERTCertificate *nss3cert = stan_GetCERTCertificate(c, PR_FALSE); + if (!nss3cert) { + nssCertificate_Destroy(c); + } + return nss3cert; +} static nssTrustLevel get_stan_trust(unsigned int t, PRBool isClientAuth) @@ -989,9 +1042,11 @@ STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust) tok = stan_GetTrustToken(c); moving_object = PR_FALSE; if (tok && PK11_IsReadOnly(tok->pk11slot)) { + NSSRWLock_LockRead(td->tokensLock); tokens = nssList_CreateIterator(td->tokenList); if (!tokens) { nssrv = PR_FAILURE; + NSSRWLock_UnlockRead(td->tokensLock); goto done; } for (tok = (NSSToken *)nssListIterator_Start(tokens); @@ -1002,6 +1057,7 @@ STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust) } nssListIterator_Finish(tokens); nssListIterator_Destroy(tokens); + NSSRWLock_UnlockRead(td->tokensLock); moving_object = PR_TRUE; } if (tok) { diff --git a/security/nss/lib/pki/pki3hack.h b/security/nss/lib/pki/pki3hack.h index 6e50725d3..85e8d92ab 100644 --- a/security/nss/lib/pki/pki3hack.h +++ b/security/nss/lib/pki/pki3hack.h @@ -71,25 +71,22 @@ NSS_EXTERN NSSCryptoContext * STAN_GetDefaultCryptoContext(); NSS_EXTERN PRStatus -STAN_LoadDefaultNSS3TrustDomain -( - void -); +STAN_InitTokenForSlotInfo(NSSTrustDomain *td, PK11SlotInfo *slot); + +NSS_EXTERN PRStatus +STAN_ResetTokenInterator(NSSTrustDomain *td); + +NSS_EXTERN PRStatus +STAN_LoadDefaultNSS3TrustDomain(void); NSS_EXTERN PRStatus STAN_Shutdown(); NSS_EXTERN SECStatus -STAN_AddModuleToDefaultTrustDomain -( - SECMODModule *module -); +STAN_AddModuleToDefaultTrustDomain(SECMODModule *module); NSS_EXTERN SECStatus -STAN_RemoveModuleFromDefaultTrustDomain -( - SECMODModule *module -); +STAN_RemoveModuleFromDefaultTrustDomain(SECMODModule *module); NSS_EXTERN CERTCertificate * STAN_ForceCERTCertificateUpdate(NSSCertificate *c); @@ -97,6 +94,9 @@ STAN_ForceCERTCertificateUpdate(NSSCertificate *c); NSS_EXTERN CERTCertificate * STAN_GetCERTCertificate(NSSCertificate *c); +NSS_EXTERN CERTCertificate * +STAN_GetCERTCertificateOrRelease(NSSCertificate *c); + NSS_EXTERN NSSCertificate * STAN_GetNSSCertificate(CERTCertificate *c); diff --git a/security/nss/lib/pki/pkit.h b/security/nss/lib/pki/pkit.h index f8bd067b9..918cb0b9b 100644 --- a/security/nss/lib/pki/pkit.h +++ b/security/nss/lib/pki/pkit.h @@ -69,6 +69,10 @@ static const char PKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"; #include "devt.h" #endif /* DEVT_H */ +#ifndef nssrwlkt_h__ +#include "nssrwlkt.h" +#endif /* nssrwlkt_h__ */ + PR_BEGIN_EXTERN_C /* @@ -170,6 +174,7 @@ struct NSSTrustDomainStr { nssList *tokenList; nssListIterator *tokens; nssTDCertificateCache *cache; + NSSRWLock *tokensLock; #ifdef NSS_3_4_CODE void *spkDigestInfo; CERTStatusConfig *statusConfig; diff --git a/security/nss/lib/pki/trustdomain.c b/security/nss/lib/pki/trustdomain.c index 24e249264..ca39bdeb0 100644 --- a/security/nss/lib/pki/trustdomain.c +++ b/security/nss/lib/pki/trustdomain.c @@ -52,6 +52,8 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"; #include "pki3hack.h" #endif +#include "nssrwlk.h" + #define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32 #ifdef PURE_STAN_BUILD @@ -90,6 +92,11 @@ NSSTrustDomain_Create ( if (!rvTD) { goto loser; } + /* protect the token list and the token iterator */ + rvTD->tokensLock = NSSRWLock_New(100, "tokens"); + if (!rvTD->tokensLock) { + goto loser; + } nssTrustDomain_InitializeCache(rvTD, NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE); rvTD->arena = arena; rvTD->refCount = 1; @@ -98,6 +105,9 @@ NSSTrustDomain_Create ( #endif return rvTD; loser: + if (rvTD && rvTD->tokensLock) { + NSSRWLock_Destroy(rvTD->tokensLock); + } nssArena_Destroy(arena); return (NSSTrustDomain *)NULL; } @@ -124,6 +134,7 @@ NSSTrustDomain_Destroy ( nssList_Clear(td->tokenList, token_destructor); nssList_Destroy(td->tokenList); } + NSSRWLock_Destroy(td->tokensLock); status = nssTrustDomain_DestroyCache(td); if (status == PR_FAILURE) { return status; @@ -145,17 +156,21 @@ nssTrustDomain_GetActiveSlots ( NSSSlot **slots = NULL; NSSToken **tp, **tokens; *updateLevel = 1; + NSSRWLock_LockRead(td->tokensLock); count = nssList_Count(td->tokenList); tokens = nss_ZNEWARRAY(NULL, NSSToken *, count + 1); if (!tokens) { + NSSRWLock_UnlockRead(td->tokensLock); return NULL; } slots = nss_ZNEWARRAY(NULL, NSSSlot *, count + 1); if (!slots) { + NSSRWLock_UnlockRead(td->tokensLock); nss_ZFreeIf(tokens); return NULL; } nssList_GetArray(td->tokenList, (void **)tokens, count); + NSSRWLock_UnlockRead(td->tokensLock); count = 0; for (tp = tokens; *tp; tp++) { slots[count++] = nssToken_GetSlot(*tp); @@ -272,6 +287,7 @@ NSSTrustDomain_FindTokenByName ( PRStatus nssrv; NSSUTF8 *myName; NSSToken *tok = NULL; + NSSRWLock_LockRead(td->tokensLock); for (tok = (NSSToken *)nssListIterator_Start(td->tokens); tok != (NSSToken *)NULL; tok = (NSSToken *)nssListIterator_Next(td->tokens)) @@ -282,6 +298,7 @@ NSSTrustDomain_FindTokenByName ( } } nssListIterator_Finish(td->tokens); + NSSRWLock_UnlockRead(td->tokensLock); return tok; } diff --git a/security/nss/lib/smime/config.mk b/security/nss/lib/smime/config.mk index cd5c893a5..7bf4898a7 100644 --- a/security/nss/lib/smime/config.mk +++ b/security/nss/lib/smime/config.mk @@ -86,4 +86,9 @@ SHARED_LIBRARY_DIRS = \ ../pkcs7 \ $(NULL) +ifeq ($(OS_TARGET),SunOS) +# The -R '$ORIGIN' linker option instructs this library to search for its +# dependencies in the same directory where it resides. +MKSHLIB += -R '$$ORIGIN' +endif diff --git a/security/nss/lib/smime/smime.def b/security/nss/lib/smime/smime.def index 78c79501b..15c302a6e 100644 --- a/security/nss/lib/smime/smime.def +++ b/security/nss/lib/smime/smime.def @@ -247,3 +247,10 @@ SEC_PKCS7EncoderAbort; ;+ local: ;+ *; ;+}; +;+NSS_3.9.3 { # NSS 3.9.3 release +;+ global: +CERT_ConvertAndDecodeCertificate; +SEC_PKCS7EncodeItem; +;+ local: +;+ *; +;+}; diff --git a/security/nss/lib/softoken/config.mk b/security/nss/lib/softoken/config.mk index adf0ea0df..81b5aadd8 100644 --- a/security/nss/lib/softoken/config.mk +++ b/security/nss/lib/softoken/config.mk @@ -84,14 +84,10 @@ EXTRA_SHARED_LIBS += \ endif ifeq ($(OS_TARGET),SunOS) -ifndef USE_64 -ifeq ($(CPU_ARCH),sparc) -# The -R '$ORIGIN' linker option instructs libsoftokn3.so to search for its -# dependencies (libfreebl_*.so) in the same directory where it resides. +# The -R '$ORIGIN' linker option instructs this library to search for its +# dependencies in the same directory where it resides. MKSHLIB += -R '$$ORIGIN' endif -endif -endif ifeq ($(OS_TARGET),WINCE) DEFINES += -DDBM_USING_NSPR diff --git a/security/nss/lib/ssl/config.mk b/security/nss/lib/ssl/config.mk index 3917eaba1..cf341b4c0 100644 --- a/security/nss/lib/ssl/config.mk +++ b/security/nss/lib/ssl/config.mk @@ -78,4 +78,10 @@ ifeq ($(OS_ARCH), Darwin) EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib endif +ifeq ($(OS_TARGET),SunOS) +# The -R '$ORIGIN' linker option instructs this library to search for its +# dependencies in the same directory where it resides. +MKSHLIB += -R '$$ORIGIN' +endif + endif diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index daed7453d..6db9a7641 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -3333,7 +3333,7 @@ typedef struct { PK11SymKey * symWrapKey[kt_kea_size]; } ssl3SymWrapKey; -static PZLock * symWrapKeysLock; +static PZLock * symWrapKeysLock = NULL; static ssl3SymWrapKey symWrapKeys[SSL_NUM_WRAP_MECHS]; SECStatus @@ -3360,6 +3360,13 @@ SSL3_ShutdownServerCache(void) return SECSuccess; } +void ssl_InitSymWrapKeysLock(void) +{ + /* atomically initialize the lock */ + if (!symWrapKeysLock) + nss_InitLock(&symWrapKeysLock, nssILockOther); +} + /* Try to get wrapping key for mechanism from in-memory array. * If that fails, look for one on disk. * If that fails, generate a new one, put the new one on disk, @@ -3397,9 +3404,7 @@ getWrappingKey( sslSocket * ss, pSymWrapKey = &symWrapKeys[symWrapMechIndex].symWrapKey[exchKeyType]; - /* atomically initialize the lock */ - if (!symWrapKeysLock) - nss_InitLock(&symWrapKeysLock, nssILockOther); + ssl_InitSymWrapKeysLock(); PZ_Lock(symWrapKeysLock); diff --git a/security/nss/lib/ssl/sslcon.c b/security/nss/lib/ssl/sslcon.c index e373fa28b..115ef4de5 100644 --- a/security/nss/lib/ssl/sslcon.c +++ b/security/nss/lib/ssl/sslcon.c @@ -2573,7 +2573,7 @@ ssl2_HandleMessage(sslSocket *ss) case SSL_MT_REQUEST_CERTIFICATE: len = ss->gs.recordLen - 2; - if ((len != SSL_MIN_CHALLENGE_BYTES) || + if ((len < SSL_MIN_CHALLENGE_BYTES) || (len > SSL_MAX_CHALLENGE_BYTES)) { /* Bad challenge */ SSL_DBG(("%d: SSL[%d]: bad cert request message: code len=%d", @@ -2617,6 +2617,11 @@ ssl2_HandleMessage(sslSocket *ss) PORT_SetError(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE); goto loser; } + if (certLen + responseLen + SSL_HL_CLIENT_CERTIFICATE_HBYTES + > ss->gs.recordLen) { + /* prevent overflow crash. */ + rv = SECFailure; + } else rv = ssl2_HandleClientCertificate(ss, data[1], data + SSL_HL_CLIENT_CERTIFICATE_HBYTES, certLen, @@ -2808,9 +2813,22 @@ ssl2_HandleServerHelloMessage(sslSocket *ss) } } - /* Save connection-id for later */ - PORT_Memcpy(ss->sec.ci.connectionID, cs + csLen, - sizeof(ss->sec.ci.connectionID)); + if ((SSL_HL_SERVER_HELLO_HBYTES + certLen + csLen + cidLen + > ss->gs.recordLen) + || (csLen % 3) != 0 + /* || cidLen < SSL_CONNECTIONID_BYTES || cidLen > 32 */ + ) { + goto bad_server; + } + + /* Save connection-id. + ** This code only saves the first 16 byte of the connectionID. + ** If the connectionID is shorter than 16 bytes, it is zero-padded. + */ + if (cidLen < sizeof ss->sec.ci.connectionID) + memset(ss->sec.ci.connectionID, 0, sizeof ss->sec.ci.connectionID); + cidLen = PR_MIN(cidLen, sizeof ss->sec.ci.connectionID); + PORT_Memcpy(ss->sec.ci.connectionID, cs + csLen, cidLen); /* See if session-id hit */ needed = CIS_HAVE_MASTER_KEY | CIS_HAVE_FINISHED | CIS_HAVE_VERIFY; @@ -3494,7 +3512,11 @@ ssl2_HandleClientHelloMessage(sslSocket *ss) challenge = sd + sdLen; PRINT_BUF(7, (ss, "server, client session-id value:", sd, sdLen)); - if ((unsigned)ss->gs.recordLen != + if (!csLen || (csLen % 3) != 0 || + (sdLen != 0 && sdLen != SSL2_SESSIONID_BYTES) || + challengeLen < SSL_MIN_CHALLENGE_BYTES || + challengeLen > SSL_MAX_CHALLENGE_BYTES || + (unsigned)ss->gs.recordLen != SSL_HL_CLIENT_HELLO_HBYTES + csLen + sdLen + challengeLen) { SSL_DBG(("%d: SSL[%d]: bad client hello message, len=%d should=%d", SSL_GETPID(), ss->fd, ss->gs.recordLen, diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h index 90a99100e..b17c40672 100644 --- a/security/nss/lib/ssl/sslimpl.h +++ b/security/nss/lib/ssl/sslimpl.h @@ -1264,6 +1264,10 @@ ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk); /* get rid of the symmetric wrapping key references. */ extern SECStatus SSL3_ShutdownServerCache(void); +extern void ssl_InitClientSessionCacheLock(void); + +extern void ssl_InitSymWrapKeysLock(void); + /********************** misc calls *********************/ extern int ssl_MapLowLevelError(int hiLevelError); diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c index ac79c6d66..9ae45de1a 100644 --- a/security/nss/lib/ssl/sslnonce.c +++ b/security/nss/lib/ssl/sslnonce.c @@ -51,8 +51,8 @@ PRUint32 ssl_sid_timeout = 100; PRUint32 ssl3_sid_timeout = 86400L; /* 24 hours */ -static sslSessionID *cache; -static PZLock * cacheLock; +static sslSessionID *cache = NULL; +static PZLock * cacheLock = NULL; /* sids can be in one of 4 states: * @@ -65,14 +65,16 @@ static PZLock * cacheLock; #define LOCK_CACHE lock_cache() #define UNLOCK_CACHE PZ_Unlock(cacheLock) -static void -lock_cache(void) +void ssl_InitClientSessionCacheLock(void) { - /* XXX Since the client session cache has no init function, we must - * XXX init the cacheLock on the first call. Fix in NSS 3.0. - */ if (!cacheLock) nss_InitLock(&cacheLock, nssILockCache); +} + +static void +lock_cache(void) +{ + ssl_InitClientSessionCacheLock(); PZ_Lock(cacheLock); } diff --git a/security/nss/lib/ssl/sslsnce.c b/security/nss/lib/ssl/sslsnce.c index 6604c2896..8d5a853b1 100644 --- a/security/nss/lib/ssl/sslsnce.c +++ b/security/nss/lib/ssl/sslsnce.c @@ -1169,6 +1169,8 @@ SSL_ConfigServerSessionIDCache( int maxCacheEntries, PRUint32 ssl3_timeout, const char * directory) { + ssl_InitClientSessionCacheLock(); + ssl_InitSymWrapKeysLock(); return SSL_ConfigServerSessionIDCacheInstance(&globalCache, maxCacheEntries, ssl2_timeout, ssl3_timeout, directory, PR_FALSE); } @@ -1276,6 +1278,10 @@ SSL_InheritMPServerSIDCacheInstance(cacheDesc *cache, const char * envString) } return SECSuccess; /* already done. */ } + + ssl_InitClientSessionCacheLock(); + ssl_InitSymWrapKeysLock(); + ssl_sid_lookup = ServerSessionIDLookup; ssl_sid_cache = ServerSessionIDCache; ssl_sid_uncache = ServerSessionIDUncache; diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c index e4f01898d..df29616b0 100644 --- a/security/nss/lib/ssl/sslsock.c +++ b/security/nss/lib/ssl/sslsock.c @@ -459,13 +459,17 @@ SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled) { PRFileDesc * osfd = ss->fd->lower; - int rv; + SECStatus rv = SECFailure; PRSocketOptionData opt; opt.option = PR_SockOpt_NoDelay; opt.value.no_delay = (PRBool)!enabled; - rv = osfd->methods->setsocketoption(osfd, &opt); + if (osfd->methods->setsocketoption) { + rv = (SECStatus) osfd->methods->setsocketoption(osfd, &opt); + } else { + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); + } return rv; } diff --git a/security/nss/lib/util/quickder.c b/security/nss/lib/util/quickder.c index 42acedf5b..c94368f14 100644 --- a/security/nss/lib/util/quickder.c +++ b/security/nss/lib/util/quickder.c @@ -213,8 +213,9 @@ static SECStatus MatchComponentType(const SEC_ASN1Template* templateEntry, return SECSuccess; } } - PORT_SetError(SEC_ERROR_BAD_DER); - return SECFailure; + /* no match, caller must decide if this is BAD DER, or not. */ + *match = PR_FALSE; + return SECSuccess; } if (kind & SEC_ASN1_ANY) diff --git a/security/nss/lib/util/secerr.h b/security/nss/lib/util/secerr.h index d1bb335fc..57382588e 100644 --- a/security/nss/lib/util/secerr.h +++ b/security/nss/lib/util/secerr.h @@ -190,7 +190,16 @@ SEC_ERROR_EXTRA_INPUT = (SEC_ERROR_BASE + 140), SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE = (SEC_ERROR_BASE + 141), SEC_ERROR_UNSUPPORTED_EC_POINT_FORM = (SEC_ERROR_BASE + 142), SEC_ERROR_UNRECOGNIZED_OID = (SEC_ERROR_BASE + 143), -SEC_ERROR_OCSP_INVALID_SIGNING_CERT = (SEC_ERROR_BASE + 144) +SEC_ERROR_OCSP_INVALID_SIGNING_CERT = (SEC_ERROR_BASE + 144), +/* new revocation errors */ +SEC_ERROR_REVOKED_CERTIFICATE_CRL = (SEC_ERROR_BASE + 145), +SEC_ERROR_REVOKED_CERTIFICATE_OCSP = (SEC_ERROR_BASE + 146), +SEC_ERROR_CRL_INVALID_VERSION = (SEC_ERROR_BASE + 147), +SEC_ERROR_CRL_V1_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 148), +SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 149), +SEC_ERROR_UNKNOWN_OBJECT_TYPE = (SEC_ERROR_BASE + 150), +SEC_ERROR_INCOMPATIBLE_PKCS11 = (SEC_ERROR_BASE + 151), +SEC_ERROR_NO_EVENT = (SEC_ERROR_BASE + 152) } SECErrorCodes; #endif /* NO_SECURITY_ERROR_ENUM */ diff --git a/security/nss/lib/util/secport.h b/security/nss/lib/util/secport.h index 693b35110..ffdbddbe4 100644 --- a/security/nss/lib/util/secport.h +++ b/security/nss/lib/util/secport.h @@ -131,6 +131,7 @@ extern void PORT_FreeBlock(void *ptr); extern void *PORT_ZAlloc(size_t len); extern void PORT_Free(void *ptr); extern void PORT_ZFree(void *ptr, size_t len); +extern char *PORT_Strdup(const char *s); extern time_t PORT_Time(void); extern void PORT_SetError(int value); extern int PORT_GetError(void); @@ -168,34 +169,6 @@ extern char *PORT_ArenaStrdup(PLArenaPool *arena, const char *str); /* Please, keep these defines sorted alphbetically. Thanks! */ -#ifdef XP_STRING_FUNCS - -#define PORT_Atoi XP_ATOI - -#define PORT_Memcmp XP_MEMCMP -#define PORT_Memcpy XP_MEMCPY -#define PORT_Memmove XP_MEMMOVE -#define PORT_Memset XP_MEMSET - -#define PORT_Strcasecmp XP_STRCASECMP -#define PORT_Strcat XP_STRCAT -#define PORT_Strchr XP_STRCHR -#define PORT_Strrchr XP_STRRCHR -#define PORT_Strcmp XP_STRCMP -#define PORT_Strcpy XP_STRCPY -#define PORT_Strdup XP_STRDUP -#define PORT_Strlen(s) XP_STRLEN(s) -#define PORT_Strncasecmp XP_STRNCASECMP -#define PORT_Strncat strncat -#define PORT_Strncmp XP_STRNCMP -#define PORT_Strncpy strncpy -#define PORT_Strstr XP_STRSTR -#define PORT_Strtok XP_STRTOK_R - -#define PORT_Tolower XP_TO_LOWER - -#else /* XP_STRING_FUNCS */ - #define PORT_Atoi atoi #define PORT_Memcmp memcmp @@ -213,7 +186,6 @@ extern char *PORT_ArenaStrdup(PLArenaPool *arena, const char *str); #define PORT_Strrchr strrchr #define PORT_Strcmp strcmp #define PORT_Strcpy strcpy -extern char *PORT_Strdup(const char *s); #define PORT_Strlen(s) strlen(s) #define PORT_Strncasecmp PL_strncasecmp #define PORT_Strncat strncat @@ -225,8 +197,6 @@ extern char *PORT_Strdup(const char *s); #define PORT_Tolower tolower -#endif /* XP_STRING_FUNCS */ - typedef PRBool (PR_CALLBACK * PORTCharConversionWSwapFunc) (PRBool toUnicode, unsigned char *inBuf, unsigned int inBufLen, unsigned char *outBuf, unsigned int maxOutBufLen, diff --git a/security/nss/pkg/linux/Makefile b/security/nss/pkg/linux/Makefile index f25d09f71..52fb7001c 100644 --- a/security/nss/pkg/linux/Makefile +++ b/security/nss/pkg/linux/Makefile @@ -8,51 +8,66 @@ CORE_DEPTH = ../../.. NAME = sun-nss -RELEASE = 1 -TOPDIR = /usr/src/redhat +RELEASE = 4 VERSION = `grep NSS_VERSION $(CORE_DEPTH)/../dist/public/nss/nss.h \ - | sed -e 's/"$$//' -e 's/.*"//' -e 's/ .*//'` + | sed -e 's/"$$//' -e 's/.*"//' -e 's/ .*//'` +PWD = `pwd` +BUILDROOT = $(PWD)\/$(NAME)-root include $(CORE_DEPTH)/coreconf/config.mk publish: $(MAKE) clean - mkdir -p usr/lib/mps + mkdir -p SOURCES SRPMS RPMS BUILD + mkdir -p opt/sun/private/lib find $(CORE_DEPTH)/../dist/$(OBJDIR)/lib -type l \ \( -name "*.so" -o -name "*.chk" \) \ - -exec cp -L {} usr/lib/mps \; - mkdir -p usr/include/mps - cp -Lr $(CORE_DEPTH)/../dist/public/* usr/include/mps - tar czvf $(NAME)-$(VERSION).tar.gz usr + -exec cp {} opt/sun/private/lib \; + rm -f opt/sun/private/lib/libnspr4.so \ + opt/sun/private/lib/libplc4.so \ + opt/sun/private/lib/libplds4.so \ + opt/sun/private/lib/libjss*.so + mkdir -p opt/sun/private/bin + (cd $(CORE_DEPTH)/../dist/$(OBJDIR)/bin && tar cphf - \ + certutil cmsutil crlutil modutil pk12util signtool \ + signver ssltap ) | (cd opt/sun/private/bin && tar xvfBp -) + (cd $(CORE_DEPTH)/../dist/public && tar cphf - .) \ + | (mkdir -p opt/sun/private/include && cd opt/sun/private/include && tar xvfBp -) + rm -rf opt/sun/private/include/seccmd + rm -rf opt/sun/private/include/dbm + + tar czvf $(NAME)-$(VERSION).tar.gz opt + echo "%define _topdir `pwd`" >temp.spec sed -e "s/NAME_REPLACE/$(NAME)/" \ -e "s/VERSION_REPLACE/$(VERSION)/" \ -e "s/RELEASE_REPLACE/$(RELEASE)/" \ - <$(NAME).spec >temp.spec + <$(NAME).spec >>temp.spec echo "" >>temp.spec echo "%files" >>temp.spec echo "%defattr(-,root,root)" >>temp.spec - echo "%dir /usr" >>temp.spec - echo "%dir /usr/lib" >>temp.spec - echo "%dir /usr/lib/mps" >>temp.spec - find usr \( -name "*.so" -o -name "*.chk" \) \ - | sed -e "s-^-/-" >>temp.spec + echo "%dir /opt" >>temp.spec + echo "%dir /opt/sun" >>temp.spec + echo "%dir /opt/sun/private" >>temp.spec + echo "%dir /opt/sun/private/lib" >>temp.spec + echo "%dir /opt/sun/private/bin" >>temp.spec + find opt \( -name "*.so" -o -name "*.chk" -o -type f \ + -perm u=rwx,g=rx,o=rx \) | sed -e "s-^-/-" >>temp.spec echo "" >>temp.spec echo "%files devel" >>temp.spec echo "%defattr(-,root,root)" >>temp.spec - find usr -type d | sed -e "s-^-%dir /-" >>temp.spec - find usr -type f ! \( -name "*.so" -o -name "*.chk" \) \ + echo "%dir /opt" >>temp.spec + echo "%dir /opt/sun" >>temp.spec + echo "%dir /opt/sun/private" >>temp.spec + echo "%dir /opt/sun/private/include" >>temp.spec + echo "%dir /opt/sun/private/include/nss" >>temp.spec + find opt -type f \( -name "*.h" \) \ | sed -e "s-^-/-" >>temp.spec - cp $(NAME)-$(VERSION).tar.gz $(TOPDIR)/SOURCES + cp $(NAME)-$(VERSION).tar.gz SOURCES rpm -ba temp.spec - if [ ! -d RPMS ] ; then mkdir -p RPMS ; fi - if [ ! -d SRPMS ] ; then mkdir -p SRPMS ; fi - cp -v $(TOPDIR)/RPMS/i386/$(NAME)-$(VERSION)-* RPMS - cp -v $(TOPDIR)/RPMS/i386/$(NAME)-devel-$(VERSION)-* RPMS - cp -v $(TOPDIR)/SRPMS/$(NAME)-$(VERSION)-* SRPMS clean:: - rm -rf $(TOPDIR)/BUILD/$(NAME) - rm -rf RPMS SRPMS usr + rm -rf SOURCES SRPMS RPMS BUILD + rm -rf opt rm -f temp.spec rm -f $(NAME)-$(VERSION).tar.gz diff --git a/security/nss/pkg/linux/sun-nss.spec b/security/nss/pkg/linux/sun-nss.spec index 1c3563332..4c814f36a 100644 --- a/security/nss/pkg/linux/sun-nss.spec +++ b/security/nss/pkg/linux/sun-nss.spec @@ -1,14 +1,17 @@ Summary: Network Security Services Name: NAME_REPLACE -Vendor: Sun Microsystems +Vendor: Sun Microsystems, Inc. Version: VERSION_REPLACE Release: RELEASE_REPLACE -Copyright: MPL/GPL +Copyright: Copyright 2004 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Also under other license(s) as shown at the Description field. +Distribution: Sun Java(TM) Enterprise System +URL: http://www.sun.com Group: System Environment/Base Source: %{name}-%{version}.tar.gz ExclusiveOS: Linux -BuildRoot: /var/tmp/%{name}-root -Requires: sun-nspr >= 4.3 +BuildRoot: %_topdir/%{name}-root + +Requires: sun-nspr >= 4.1.2 %description Network Security Services (NSS) is a set of libraries designed @@ -18,6 +21,8 @@ and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. See: http://www.mozilla.org/projects/security/pki/nss/overview.html +Under "MPL/GPL" license. + %package devel Summary: Development Libraries for Network Security Services Group: Development/Libraries @@ -26,6 +31,8 @@ Requires: %{name} = %{version}-%{release} %description devel Header files for doing development with Network Security Services. +Under "MPL/GPL" license. + %prep %setup -c diff --git a/security/nss/pkg/solaris/Makefile b/security/nss/pkg/solaris/Makefile index 2d2ff6ff4..3819fa4a8 100644 --- a/security/nss/pkg/solaris/Makefile +++ b/security/nss/pkg/solaris/Makefile @@ -1,5 +1,5 @@ # -# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "$Id$" @@ -12,26 +12,27 @@ CORE_DEPTH = ../../.. cp $< $@ chmod +x $@ +HEADER_DIR = public/nss -ifeq ($(USE_64), 1) DIRS = \ - SUNWtlsx -else -DIRS = \ - SUNWtls -endif + SUNWtls \ + SUNWtlsu \ + SUNWtlsd + +include Makefile.com PROTO = \ $(ROOT) \ - $(ROOT)/usr \ - $(ROOT)/usr/lib \ - $(ROOT)/usr/lib/mps + $(ROOT)/usr/lib/mps \ + $(ROOT)/usr/include/mps \ + $(ROOT)/usr/sfw/bin -ifdef USE_64 -PROTO += $(ROOT)/usr/lib/mps/sparcv9 +ifeq ($(MACH), sparc) + PROTO += $(ROOT)/usr/lib/mps/sparcv9 \ + $(ROOT)/usr/sfw/bin/sparcv9 endif -include Makefile.com +DIST64 = $(shell echo $(DIST) | sed -e "s|_OPT|_64_OPT|g" -e "s|_DBG|_64_DBG|g") awk_pkginfo: bld_awk_pkginfo ./bld_awk_pkginfo -m $(MACH) -p "$(PRODUCT_VERSION)" -o $@ -v $(PRODUCT_VERSION) @@ -44,13 +45,23 @@ clean clobber:: $(RM) awk_pkginfo bld_awk_pkginfo $(RM) -r $(ROOT) -$(ROOT) $(ROOT)/%: +$(ROOT): mkdir -p $@ -ifdef USE_64 -$(ROOT)/usr/lib/mps/sparcv9: $(ROOT)/usr/lib - $(LN) -sf ../../../../$(DIST)/lib $@ -else -$(ROOT)/usr/lib/mps: $(ROOT)/usr/lib - $(LN) -sf ../../../$(DIST)/lib $@ -endif +$(ROOT)/usr/lib/mps: + mkdir -p $@ + $(CP) -r $(DIST)/lib/*.so $@ + $(CP) -r $(DIST)/lib/*.chk $@ +$(ROOT)/usr/sfw/bin: + mkdir -p $@ + -$(CP) -r $(DIST)/bin/* $@ +$(ROOT)/usr/include/mps: + mkdir -p $@ + $(CP) -r $(SOURCE_PREFIX)/$(HEADER_DIR)/*.h $@ +$(ROOT)/usr/lib/mps/sparcv9: + mkdir -p $@ + $(CP) -r $(DIST64)/lib/*.so $@ + $(CP) -r $(DIST64)/lib/*.chk $@ +$(ROOT)/usr/sfw/bin/sparcv9: + mkdir -p $@ + $(CP) -r $(DIST64)/bin/* $@ diff --git a/security/nss/pkg/solaris/Makefile-devl.com b/security/nss/pkg/solaris/Makefile-devl.com new file mode 100755 index 000000000..372d6e557 --- /dev/null +++ b/security/nss/pkg/solaris/Makefile-devl.com @@ -0,0 +1,33 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# + +MACH = $(shell mach) + +PUBLISH_ROOT = $(DIST) +ifeq ($(CORE_DEPTH),../../..) +ROOT = ROOT +else +ROOT = $(subst ../../../,,$(CORE_DEPTH))/ROOT +endif + +PKGARCHIVE = $(PUBLISH_ROOT)/pkgarchive +DATAFILES = copyright +FILES = $(DATAFILES) pkginfo + + +PACKAGE = $(shell basename `pwd`) + +PRODUCT_VERSION = $(shell grep NSS_VERSION $(CORE_DEPTH)/nss/lib/nss/nss.h | sed -e 's/"$$//' -e 's/.*"//' -e 's/ .*//') + +LN = /usr/bin/ln + +CLOBBERFILES = $(FILES) + +include $(CORE_DEPTH)/coreconf/config.mk +include $(CORE_DEPTH)/coreconf/rules.mk + +# vim: ft=make diff --git a/security/nss/pkg/solaris/Makefile-devl.targ b/security/nss/pkg/solaris/Makefile-devl.targ new file mode 100755 index 000000000..84283d89b --- /dev/null +++ b/security/nss/pkg/solaris/Makefile-devl.targ @@ -0,0 +1,26 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# + +pkginfo: pkginfo.tmpl ../awk_pkginfo + $(RM) $@; nawk -f ../awk_pkginfo $@.tmpl > $@ + +pkg: $(PKGARCHIVE) prototype + pkgmk -f prototype -d $(PKGARCHIVE) -r $(ROOT) -o $(PACKAGE) + +$(PKGARCHIVE): + [ -d $(PKGARCHIVE) ] || mkdir -p $(PKGARCHIVE) + +$(DATAFILES):: %: ../common_files/% + $(RM) $@; cp ../common_files/$@ $@ + +$(MACHDATAFILES): %: ../common_files/%_$(MACH) + $(RM) $@; cp ../common_files/$@_$(MACH) $@ + +clobber clean:: + -$(RM) $(CLOBBERFILES) $(CLEANFILES) + +.PHONY: pkg diff --git a/security/nss/pkg/solaris/Makefile-tlsu.com b/security/nss/pkg/solaris/Makefile-tlsu.com new file mode 100755 index 000000000..372d6e557 --- /dev/null +++ b/security/nss/pkg/solaris/Makefile-tlsu.com @@ -0,0 +1,33 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# + +MACH = $(shell mach) + +PUBLISH_ROOT = $(DIST) +ifeq ($(CORE_DEPTH),../../..) +ROOT = ROOT +else +ROOT = $(subst ../../../,,$(CORE_DEPTH))/ROOT +endif + +PKGARCHIVE = $(PUBLISH_ROOT)/pkgarchive +DATAFILES = copyright +FILES = $(DATAFILES) pkginfo + + +PACKAGE = $(shell basename `pwd`) + +PRODUCT_VERSION = $(shell grep NSS_VERSION $(CORE_DEPTH)/nss/lib/nss/nss.h | sed -e 's/"$$//' -e 's/.*"//' -e 's/ .*//') + +LN = /usr/bin/ln + +CLOBBERFILES = $(FILES) + +include $(CORE_DEPTH)/coreconf/config.mk +include $(CORE_DEPTH)/coreconf/rules.mk + +# vim: ft=make diff --git a/security/nss/pkg/solaris/Makefile-tlsu.targ b/security/nss/pkg/solaris/Makefile-tlsu.targ new file mode 100755 index 000000000..2c5db9911 --- /dev/null +++ b/security/nss/pkg/solaris/Makefile-tlsu.targ @@ -0,0 +1,26 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# + +pkginfo: pkginfo.tmpl ../awk_pkginfo + $(RM) $@; nawk -f ../awk_pkginfo $@.tmpl > $@ + +pkg: $(PKGARCHIVE) prototype_$(MACH) + pkgmk -f prototype_$(MACH) -d $(PKGARCHIVE) -r $(ROOT) -o $(PACKAGE) + +$(PKGARCHIVE): + [ -d $(PKGARCHIVE) ] || mkdir -p $(PKGARCHIVE) + +$(DATAFILES):: %: ../common_files/% + $(RM) $@; cp ../common_files/$@ $@ + +$(MACHDATAFILES): %: ../common_files/%_$(MACH) + $(RM) $@; cp ../common_files/$@_$(MACH) $@ + +clobber clean:: + -$(RM) $(CLOBBERFILES) $(CLEANFILES) + +.PHONY: pkg diff --git a/security/nss/pkg/solaris/Makefile.com b/security/nss/pkg/solaris/Makefile.com index 7d445459e..9e4d4fc04 100644 --- a/security/nss/pkg/solaris/Makefile.com +++ b/security/nss/pkg/solaris/Makefile.com @@ -1,5 +1,5 @@ # -# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "$Id$" @@ -16,7 +16,7 @@ endif PKGARCHIVE = $(PUBLISH_ROOT)/pkgarchive DATAFILES = copyright -FILES = $(DATAFILES) pkginfo +FILES = $(DATAFILES) pkginfo prototype PACKAGE = $(shell basename `pwd`) @@ -24,6 +24,7 @@ PRODUCT_VERSION = $(shell grep NSS_VERSION $(CORE_DEPTH)/../dist/public/nss/nss. | sed -e 's/"$$//' -e 's/.*"//' -e 's/ .*//') LN = /usr/bin/ln +CP = /usr/bin/cp CLOBBERFILES = $(FILES) diff --git a/security/nss/pkg/solaris/Makefile.targ b/security/nss/pkg/solaris/Makefile.targ index 279a7bca6..bc36eb6c4 100644 --- a/security/nss/pkg/solaris/Makefile.targ +++ b/security/nss/pkg/solaris/Makefile.targ @@ -1,5 +1,5 @@ # -# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "$Id$" @@ -8,7 +8,12 @@ pkginfo: pkginfo.tmpl ../awk_pkginfo $(RM) $@; nawk -f ../awk_pkginfo $@.tmpl > $@ -pkg: $(PKGARCHIVE) +prototype: prototype_com prototype_$(MACH) + cat prototype_$(MACH) | sed -e \ +'/^!include[ ][ ]*prototype_com/ r ./prototype_com' \ +-e 's/^!include[ ][ ]*prototype_com//g' >prototype + +pkg: $(PKGARCHIVE) prototype pkgmk -f prototype_$(MACH) -d $(PKGARCHIVE) -r $(ROOT) -o $(PACKAGE) $(PKGARCHIVE): diff --git a/security/nss/pkg/solaris/SUNWtls/Makefile b/security/nss/pkg/solaris/SUNWtls/Makefile index 5058a1f68..a299d6321 100644 --- a/security/nss/pkg/solaris/SUNWtls/Makefile +++ b/security/nss/pkg/solaris/SUNWtls/Makefile @@ -1,5 +1,5 @@ # -# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "$Id$" diff --git a/security/nss/pkg/solaris/SUNWtls/pkgdepend b/security/nss/pkg/solaris/SUNWtls/pkgdepend index 966ba0556..51b7ba8b3 100644 --- a/security/nss/pkg/solaris/SUNWtls/pkgdepend +++ b/security/nss/pkg/solaris/SUNWtls/pkgdepend @@ -1,4 +1,4 @@ -# Copyright 2002 Microsystems, Inc. All Rights Reserved. +# Copyright 2004 Microsystems, Inc. All Rights Reserved. # Use is subject to license terms. # # $Id$ diff --git a/security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl b/security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl index e0a697529..fd2235b9d 100644 --- a/security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl +++ b/security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl @@ -1,5 +1,5 @@ # -# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "$Id$" diff --git a/security/nss/pkg/solaris/SUNWtls/prototype_com b/security/nss/pkg/solaris/SUNWtls/prototype_com index c5e00d3e2..3e2df6253 100644 --- a/security/nss/pkg/solaris/SUNWtls/prototype_com +++ b/security/nss/pkg/solaris/SUNWtls/prototype_com @@ -1,5 +1,5 @@ # -# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "$Id$" @@ -26,9 +26,16 @@ i depend=pkgdepend d none usr 755 root sys d none usr/lib 755 root bin d none usr/lib/mps 755 root bin +d none usr/lib/mps/secv1 755 root bin f none usr/lib/mps/libnss3.so 755 root bin f none usr/lib/mps/libsmime3.so 755 root bin f none usr/lib/mps/libssl3.so 755 root bin f none usr/lib/mps/libnssckbi.so 755 root bin f none usr/lib/mps/libsoftokn3.chk 755 root bin f none usr/lib/mps/libsoftokn3.so 755 root bin +s none usr/lib/mps/secv1/libnss3.so=../libnss3.so +s none usr/lib/mps/secv1/libsmime3.so=../libsmime3.so +s none usr/lib/mps/secv1/libssl3.so=../libssl3.so +s none usr/lib/mps/secv1/libnssckbi.so=../libnssckbi.so +s none usr/lib/mps/secv1/libsoftokn3.chk=../libsoftokn3.chk +s none usr/lib/mps/secv1/libsoftokn3.so=../libsoftokn3.so diff --git a/security/nss/pkg/solaris/SUNWtls/prototype_i386 b/security/nss/pkg/solaris/SUNWtls/prototype_i386 index d2718ee05..8c6d62844 100644 --- a/security/nss/pkg/solaris/SUNWtls/prototype_i386 +++ b/security/nss/pkg/solaris/SUNWtls/prototype_i386 @@ -1,5 +1,5 @@ # -# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "$Id$" diff --git a/security/nss/pkg/solaris/SUNWtls/prototype_sparc b/security/nss/pkg/solaris/SUNWtls/prototype_sparc index d916457c6..0aeb466f0 100644 --- a/security/nss/pkg/solaris/SUNWtls/prototype_sparc +++ b/security/nss/pkg/solaris/SUNWtls/prototype_sparc @@ -1,5 +1,5 @@ # -# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "$Id$" @@ -32,3 +32,24 @@ f none usr/lib/mps/libfreebl_hybrid_3.chk 755 root bin f none usr/lib/mps/libfreebl_hybrid_3.so 755 root bin f none usr/lib/mps/libfreebl_pure32_3.chk 755 root bin f none usr/lib/mps/libfreebl_pure32_3.so 755 root bin +s none usr/lib/mps/secv1/libfreebl_hybrid_3.chk=../libfreebl_hybrid_3.chk +s none usr/lib/mps/secv1/libfreebl_hybrid_3.so=../libfreebl_hybrid_3.so +s none usr/lib/mps/secv1/libfreebl_pure32_3.chk=../libfreebl_pure32_3.chk +s none usr/lib/mps/secv1/libfreebl_pure32_3.so=../libfreebl_pure32_3.so +s none usr/lib/mps/64=sparcv9 +s none usr/lib/mps/secv1/64=sparcv9 +d none usr/lib/mps/sparcv9 755 root bin +d none usr/lib/mps/secv1/sparcv9 755 root bin +f none usr/lib/mps/sparcv9/libnss3.so 755 root bin +f none usr/lib/mps/sparcv9/libsmime3.so 755 root bin +f none usr/lib/mps/sparcv9/libssl3.so 755 root bin +f none usr/lib/mps/sparcv9/libnssckbi.so 755 root bin +f none usr/lib/mps/sparcv9/libsoftokn3.chk 755 root bin +f none usr/lib/mps/sparcv9/libsoftokn3.so 755 root bin +s none usr/lib/mps/secv1/sparcv9/libnss3.so=../../sparcv9/libnss3.so +s none usr/lib/mps/secv1/sparcv9/libsmime3.so=../../sparcv9/libsmime3.so +s none usr/lib/mps/secv1/sparcv9/libssl3.so=../../sparcv9/libssl3.so +s none usr/lib/mps/secv1/sparcv9/libnssckbi.so=../../sparcv9/libnssckbi.so +s none usr/lib/mps/secv1/sparcv9/libsoftokn3.chk=../../sparcv9/libsoftokn3.chk +s none usr/lib/mps/secv1/sparcv9/libsoftokn3.so=../../sparcv9/libsoftokn3.so + diff --git a/security/nss/pkg/solaris/SUNWtlsd/Makefile b/security/nss/pkg/solaris/SUNWtlsd/Makefile new file mode 100755 index 000000000..3a1bd83b3 --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsd/Makefile @@ -0,0 +1,16 @@ +# +# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# + +CORE_DEPTH = ../../../.. +include ../Makefile-devl.com + +DATAFILES += + +all:: $(FILES) +publish:: all pkg + +include ../Makefile-devl.targ diff --git a/security/nss/pkg/solaris/SUNWtlsd/pkgdepend b/security/nss/pkg/solaris/SUNWtlsd/pkgdepend new file mode 100755 index 000000000..fe0695db7 --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsd/pkgdepend @@ -0,0 +1,23 @@ +# Copyright 2002 Microsystems, Inc. All Rights Reserved. +# Use is subject to license terms. +# +# $Id$ +# +# This package information file defines software dependencies associated +# with the pkg. You can define three types of pkg dependencies with this file: +# P indicates a prerequisite for installation +# I indicates an incompatible package +# R indicates a reverse dependency +# <pkg.abbr> see pkginfo(4), PKG parameter +# <name> see pkginfo(4), NAME parameter +# <version> see pkginfo(4), VERSION parameter +# <arch> see pkginfo(4), ARCH parameter +# <type> <pkg.abbr> <name> +# (<arch>)<version> +# (<arch>)<version> +# ... +# <type> <pkg.abbr> <name> +# ... + +P SUNWprd Netscape Portable Runtime Development +P SUNWtls Netscape Security Services diff --git a/security/nss/pkg/solaris/SUNWtlsd/pkginfo.tmpl b/security/nss/pkg/solaris/SUNWtlsd/pkginfo.tmpl new file mode 100755 index 000000000..c47b89069 --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsd/pkginfo.tmpl @@ -0,0 +1,34 @@ +# +# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# +# +# This required package information file describes characteristics of the +# package, such as package abbreviation, full package name, package version, +# and package architecture. +# +PKG="SUNWtlsd" +NAME="Network Security Services Development" +ARCH="ISA" +VERSION="NSSVERS,REV=0.0.0" +SUNW_PRODNAME="Network Security Services Development" +SUNW_PRODVERS="RELEASE/VERSION" +SUNW_PKGTYPE="usr" +MAXINST="1000" +CATEGORY="system" +DESC="Network Security Services Files for Development" +VENDOR="Sun Microsystems, Inc." +HOTLINE="Please contact your local service provider" +EMAIL="" +CLASSES="none" +BASEDIR=/ +SUNW_PKGVERS="1.0" +#VSTOCK="<reserved by Release Engineering for package part #>" +#ISTATES="<developer defined>" +#RSTATES='<developer defined>' +#ULIMIT="<developer defined>" +#ORDER="<developer defined>" +#PSTAMP="<developer defined>" +#INTONLY="<developer defined>" diff --git a/security/nss/pkg/solaris/SUNWtlsd/prototype b/security/nss/pkg/solaris/SUNWtlsd/prototype new file mode 100755 index 000000000..23429a6d8 --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsd/prototype @@ -0,0 +1,127 @@ +# +# Copyright 2002 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# +# This required package information file contains a list of package contents. +# The 'pkgmk' command uses this file to identify the contents of a package +# and their location on the development machine when building the package. +# Can be created via a text editor or through use of the 'pkgproto' command. + +#!search <pathname pathname ...> # where to find pkg objects +#!include <filename> # include another 'prototype' file +#!default <mode> <owner> <group> # default used if not specified on entry +#!<param>=<value> # puts parameter in pkg environment + +# packaging files +i copyright +i pkginfo +i depend=pkgdepend +# +# source locations relative to the prototype file +# +# SUNWtlsd +# +d none usr 0755 root sys +d none usr/include 0755 root bin +d none usr/include/mps 0755 root bin +f none usr/include/mps/base64.h 0644 root bin +#f none usr/include/mps/blapi.h 0644 root bin +f none usr/include/mps/blapit.h 0644 root bin +f none usr/include/mps/cert.h 0644 root bin +f none usr/include/mps/certdb.h 0644 root bin +f none usr/include/mps/certt.h 0644 root bin +f none usr/include/mps/ciferfam.h 0644 root bin +f none usr/include/mps/cmmf.h 0644 root bin +f none usr/include/mps/cmmft.h 0644 root bin +f none usr/include/mps/cms.h 0644 root bin +f none usr/include/mps/cmsreclist.h 0644 root bin +f none usr/include/mps/cmst.h 0644 root bin +f none usr/include/mps/crmf.h 0644 root bin +f none usr/include/mps/crmft.h 0644 root bin +f none usr/include/mps/cryptohi.h 0644 root bin +f none usr/include/mps/cryptoht.h 0644 root bin +f none usr/include/mps/ecl-exp.h 0644 root bin +f none usr/include/mps/hasht.h 0644 root bin +f none usr/include/mps/jar-ds.h 0644 root bin +f none usr/include/mps/jar.h 0644 root bin +f none usr/include/mps/jarfile.h 0644 root bin +f none usr/include/mps/key.h 0644 root bin +#f none usr/include/mps/keydbt.h 0644 root bin +f none usr/include/mps/keyhi.h 0644 root bin +#f none usr/include/mps/keylow.h 0644 root bin +f none usr/include/mps/keyt.h 0644 root bin +#f none usr/include/mps/keytboth.h 0644 root bin +f none usr/include/mps/keythi.h 0644 root bin +#f none usr/include/mps/keytlow.h 0644 root bin +f none usr/include/mps/nss.h 0644 root bin +f none usr/include/mps/nssb64.h 0644 root bin +f none usr/include/mps/nssb64t.h 0644 root bin +f none usr/include/mps/nssbase.h 0644 root bin +f none usr/include/mps/nssbaset.h 0644 root bin +f none usr/include/mps/nssckepv.h 0644 root bin +f none usr/include/mps/nssckbi.h 0644 root bin +f none usr/include/mps/nssckft.h 0644 root bin +f none usr/include/mps/nssckfw.h 0644 root bin +f none usr/include/mps/nssckfwc.h 0644 root bin +f none usr/include/mps/nssckfwt.h 0644 root bin +f none usr/include/mps/nssckg.h 0644 root bin +f none usr/include/mps/nssckmdt.h 0644 root bin +#f none usr/include/mps/nssckp.h 0644 root bin +f none usr/include/mps/nssckt.h 0644 root bin +#f none usr/include/mps/nsscku.h 0644 root bin +f none usr/include/mps/nssilckt.h 0644 root bin +f none usr/include/mps/nssilock.h 0644 root bin +f none usr/include/mps/nsslocks.h 0644 root bin +f none usr/include/mps/nssrwlk.h 0644 root bin +f none usr/include/mps/nssrwlkt.h 0644 root bin +f none usr/include/mps/ocsp.h 0644 root bin +f none usr/include/mps/ocspt.h 0644 root bin +f none usr/include/mps/p12.h 0644 root bin +f none usr/include/mps/p12plcy.h 0644 root bin +f none usr/include/mps/p12t.h 0644 root bin +f none usr/include/mps/pk11func.h 0644 root bin +f none usr/include/mps/pk11pqg.h 0644 root bin +f none usr/include/mps/pk11sdr.h 0644 root bin +f none usr/include/mps/pkcs11.h 0644 root bin +f none usr/include/mps/pkcs11f.h 0644 root bin +f none usr/include/mps/pkcs11p.h 0644 root bin +f none usr/include/mps/pkcs11t.h 0644 root bin +f none usr/include/mps/pkcs11u.h 0644 root bin +f none usr/include/mps/pkcs11n.h 0644 root bin +f none usr/include/mps/pkcs12.h 0644 root bin +f none usr/include/mps/pkcs12t.h 0644 root bin +f none usr/include/mps/pkcs7t.h 0644 root bin +f none usr/include/mps/portreg.h 0644 root bin +#f none usr/include/mps/pqgutil.h 0644 root bin +f none usr/include/mps/preenc.h 0644 root bin +f none usr/include/mps/secasn1.h 0644 root bin +f none usr/include/mps/secasn1t.h 0644 root bin +f none usr/include/mps/seccomon.h 0644 root bin +f none usr/include/mps/secder.h 0644 root bin +f none usr/include/mps/secdert.h 0644 root bin +f none usr/include/mps/secdig.h 0644 root bin +f none usr/include/mps/secdigt.h 0644 root bin +f none usr/include/mps/secerr.h 0644 root bin +f none usr/include/mps/sechash.h 0644 root bin +f none usr/include/mps/secitem.h 0644 root bin +f none usr/include/mps/secmime.h 0644 root bin +f none usr/include/mps/secmod.h 0644 root bin +f none usr/include/mps/secmodt.h 0644 root bin +f none usr/include/mps/secoid.h 0644 root bin +f none usr/include/mps/secoidt.h 0644 root bin +f none usr/include/mps/secpkcs5.h 0644 root bin +f none usr/include/mps/secpkcs7.h 0644 root bin +f none usr/include/mps/secport.h 0644 root bin +#f none usr/include/mps/secrng.h 0644 root bin +#f none usr/include/mps/secrngt.h 0644 root bin +f none usr/include/mps/shsign.h 0644 root bin +f none usr/include/mps/smime.h 0644 root bin +f none usr/include/mps/ssl.h 0644 root bin +f none usr/include/mps/sslerr.h 0644 root bin +f none usr/include/mps/sslproto.h 0644 root bin +f none usr/include/mps/sslt.h 0644 root bin +f none usr/include/mps/swfort.h 0644 root bin +f none usr/include/mps/swfortt.h 0644 root bin +f none usr/include/mps/watcomfx.h 0644 root bin diff --git a/security/nss/pkg/solaris/SUNWtlsu/Makefile b/security/nss/pkg/solaris/SUNWtlsu/Makefile new file mode 100755 index 000000000..bc2795e27 --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsu/Makefile @@ -0,0 +1,16 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# + +CORE_DEPTH = ../../../.. +include ../Makefile-tlsu.com + +DATAFILES += + +all:: $(FILES) +publish:: all pkg + +include ../Makefile-tlsu.targ diff --git a/security/nss/pkg/solaris/SUNWtlsu/pkgdepend b/security/nss/pkg/solaris/SUNWtlsu/pkgdepend new file mode 100755 index 000000000..ae7d398c1 --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsu/pkgdepend @@ -0,0 +1,22 @@ +# Copyright 2004 Microsystems, Inc. All Rights Reserved. +# Use is subject to license terms. +# +# $Id$ +# +# This package information file defines software dependencies associated +# with the pkg. You can define three types of pkg dependencies with this file: +# P indicates a prerequisite for installation +# I indicates an incompatible package +# R indicates a reverse dependency +# <pkg.abbr> see pkginfo(4), PKG parameter +# <name> see pkginfo(4), NAME parameter +# <version> see pkginfo(4), VERSION parameter +# <arch> see pkginfo(4), ARCH parameter +# <type> <pkg.abbr> <name> +# (<arch>)<version> +# (<arch>)<version> +# ... +# <type> <pkg.abbr> <name> +# ... + +P SUNWtls Netscape Security Services diff --git a/security/nss/pkg/solaris/SUNWtlsu/pkginfo.tmpl b/security/nss/pkg/solaris/SUNWtlsu/pkginfo.tmpl new file mode 100755 index 000000000..19b7e8766 --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsu/pkginfo.tmpl @@ -0,0 +1,34 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# +# +# This required package information file describes characteristics of the +# package, such as package abbreviation, full package name, package version, +# and package architecture. +# +PKG="SUNWtlsu" +NAME="Network Security Services Utilities" +ARCH="ISA" +VERSION="NSSVERS,REV=0.0.0" +SUNW_PRODNAME="Network Security Services Utilities" +SUNW_PRODVERS="RELEASE/VERSION" +SUNW_PKGTYPE="usr" +MAXINST="1000" +CATEGORY="system" +DESC="Network Security Services Utilities Programs" +VENDOR="Sun Microsystems, Inc." +HOTLINE="Please contact your local service provider" +EMAIL="" +CLASSES="none" +BASEDIR=/ +SUNW_PKGVERS="1.0" +#VSTOCK="<reserved by Release Engineering for package part #>" +#ISTATES="<developer defined>" +#RSTATES='<developer defined>' +#ULIMIT="<developer defined>" +#ORDER="<developer defined>" +#PSTAMP="<developer defined>" +#INTONLY="<developer defined>" diff --git a/security/nss/pkg/solaris/SUNWtlsu/prototype_com b/security/nss/pkg/solaris/SUNWtlsu/prototype_com new file mode 100755 index 000000000..48f8387dd --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsu/prototype_com @@ -0,0 +1,36 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# +# This required package information file contains a list of package contents. +# The 'pkgmk' command uses this file to identify the contents of a package +# and their location on the development machine when building the package. +# Can be created via a text editor or through use of the 'pkgproto' command. + +#!search <pathname pathname ...> # where to find pkg objects +#!include <filename> # include another 'prototype' file +#!default <mode> <owner> <group> # default used if not specified on entry +#!<param>=<value> # puts parameter in pkg environment + +# packaging files +i copyright +i pkginfo +i depend=pkgdepend +# +# source locations relative to the prototype file +# +# SUNWtlsu +# +d none usr 0755 root sys +d none usr/sfw 0755 root bin +d none usr/sfw/bin 0755 root bin +f none usr/sfw/bin/certutil 0755 root bin +f none usr/sfw/bin/crlutil 0755 root bin +f none usr/sfw/bin/cmsutil 0755 root bin +f none usr/sfw/bin/modutil 0755 root bin +f none usr/sfw/bin/pk12util 0755 root bin +f none usr/sfw/bin/signtool 0755 root bin +f none usr/sfw/bin/signver 0755 root bin +f none usr/sfw/bin/ssltap 0755 root bin diff --git a/security/nss/pkg/solaris/SUNWtlsu/prototype_i386 b/security/nss/pkg/solaris/SUNWtlsu/prototype_i386 new file mode 100644 index 000000000..7fc238abd --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsu/prototype_i386 @@ -0,0 +1,31 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# +# This required package information file contains a list of package contents. +# The 'pkgmk' command uses this file to identify the contents of a package +# and their location on the development machine when building the package. +# Can be created via a text editor or through use of the 'pkgproto' command. + +#!search <pathname pathname ...> # where to find pkg objects +#!include <filename> # include another 'prototype' file +#!default <mode> <owner> <group> # default used if not specified on entry +#!<param>=<value> # puts parameter in pkg environment + +# +# Include ISA independent files (prototype_com) +# +!include prototype_com +# +# +# +# List files which are i386 specific here +# +# source locations relative to the prototype file +# +# +# SUNWtlsu +# + diff --git a/security/nss/pkg/solaris/SUNWtlsu/prototype_sparc b/security/nss/pkg/solaris/SUNWtlsu/prototype_sparc new file mode 100644 index 000000000..21aaabe32 --- /dev/null +++ b/security/nss/pkg/solaris/SUNWtlsu/prototype_sparc @@ -0,0 +1,41 @@ +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "$Id$" +# +# This required package information file contains a list of package contents. +# The 'pkgmk' command uses this file to identify the contents of a package +# and their location on the development machine when building the package. +# Can be created via a text editor or through use of the 'pkgproto' command. + +#!search <pathname pathname ...> # where to find pkg objects +#!include <filename> # include another 'prototype' file +#!default <mode> <owner> <group> # default used if not specified on entry +#!<param>=<value> # puts parameter in pkg environment + +# +# Include ISA independent files (prototype_com) +# +!include prototype_com +# +# +# +# List files which are SPARC specific here +# +# source locations relative to the prototype file +# +# +# SUNWtlsu +# +s none usr/sfw/bin/64=sparcv9 +d none usr/sfw/bin/sparcv9 0755 root bin +f none usr/sfw/bin/sparcv9/certutil 0755 root bin +f none usr/sfw/bin/sparcv9/crlutil 0755 root bin +f none usr/sfw/bin/sparcv9/cmsutil 0755 root bin +f none usr/sfw/bin/sparcv9/modutil 0755 root bin +f none usr/sfw/bin/sparcv9/pk12util 0755 root bin +f none usr/sfw/bin/sparcv9/signtool 0755 root bin +f none usr/sfw/bin/sparcv9/signver 0755 root bin +f none usr/sfw/bin/sparcv9/ssltap 0755 root bin + |